Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241651 5 警告 Exponent CMS project - Exponent CMS の iconspopup.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2252 2012-06-26 15:46 2007-04-25 Show GitHub Exploit DB Packet Storm
241652 9.3 危険 アドビシステムズ - 複数の Adobe 製品におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2244 2012-06-26 15:46 2007-04-25 Show GitHub Exploit DB Packet Storm
241653 9.3 危険 アクシスコミュニケーションズ - AXIS および Panorama PTZ の SaveBMP メソッドにおけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2239 2012-06-26 15:46 2007-05-7 Show GitHub Exploit DB Packet Storm
241654 6.5 警告 cosign - Cosign の cosign-bin/cosign.cgi における任意ユーザとして不正な操作を実行される脆弱性 - CVE-2007-2233 2012-06-26 15:46 2007-04-25 Show GitHub Exploit DB Packet Storm
241655 7.5 危険 cosign - Cosign の CHECK コマンドにおける認証要件を回避される脆弱性 - CVE-2007-2232 2012-06-26 15:46 2007-04-25 Show GitHub Exploit DB Packet Storm
241656 6.5 警告 CA Technologies - CA Clever Path Portal における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-2230 2012-06-26 15:46 2007-04-24 Show GitHub Exploit DB Packet Storm
241657 7.5 危険 dmcms - DmCMS の includes/upload_file.php における PHP スクリプトをアップロードされる脆弱性 - CVE-2007-2214 2012-06-26 15:46 2007-04-24 Show GitHub Exploit DB Packet Storm
241658 6.8 警告 コーレル株式会社
accusoft		 - AccuSoft ImageGear の igcore15d.dll におけるバッファオーバーフローの脆弱性 - CVE-2007-2209 2012-06-26 15:46 2007-04-24 Show GitHub Exploit DB Packet Storm
241659 7.5 危険 extreme phpbb - Extreme PHPBB2 における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2208 2012-06-26 15:46 2007-04-24 Show GitHub Exploit DB Packet Storm
241660 7.5 危険 gpl php board - GPB における PHP リモートファイルインクルーションの脆弱性 - CVE-2007-2204 2012-06-26 15:46 2007-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
287811 - vtiger vtiger_crm Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordte… CWE-200
Information Exposure 		CVE-2008-3458 2017-11-23 02:25 2008-08-5 Show GitHub Exploit DB Packet Storm
287812 - apple quicktime Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, related to an "invalid pointer iss… CWE-399
 Resource Management Errors 		CVE-2008-3628 2017-11-23 02:23 2008-09-11 Show GitHub Exploit DB Packet Storm
287813 - wordpress wordpress wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to force a password reset for the first user in the database, possibly the administrator, via a key[] array variable in a resetpass… CWE-255
Credentials Management 		CVE-2009-2762 2017-11-23 02:17 2009-08-14 Show GitHub Exploit DB Packet Storm
287814 - wordpress wordpress Wordpress before 2.8.3 does not check capabilities for certain actions, which allows remote attackers to make unauthorized edits or additions via a direct request to (1) edit-comments.php, (2) edit-p… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-2854 2017-11-23 02:17 2009-08-19 Show GitHub Exploit DB Packet Storm
287815 - verbatim corporate_secure Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically pr… CWE-255
Credentials Management 		CVE-2010-0227 2017-11-23 02:16 2010-01-8 Show GitHub Exploit DB Packet Storm
287816 - wordpress wordpress Cross-site scripting (XSS) vulnerability in wp-admin/press-this.php in WordPress before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML via the s parameter (aka the sel… CWE-79
Cross-site Scripting 		CVE-2009-3891 2017-11-23 02:16 2009-11-18 Show GitHub Exploit DB Packet Storm
287817 - microsoft windows_2000 Unspecified vulnerability in Windows 2000 Advanced Server SP4 running Active Directory allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain VulnDisco… NVD-CWE-Other
CVE-2006-5988 2017-11-23 02:06 2006-11-21 Show GitHub Exploit DB Packet Storm
287818 - estsoft alftp Directory traversal vulnerability in the FTP client in ALTools ESTsoft ALFTP 4.1 beta 2 and 5.0 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a … CWE-22
Path Traversal 		CVE-2008-2702 2017-11-23 02:04 2008-06-14 Show GitHub Exploit DB Packet Storm
287819 - vtiger vtiger_crm include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remote authenticated users to bypass intended access restrictions and read the (1) visibility, (2) location, and (3) recurrence field… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-3251 2017-11-23 01:06 2009-09-19 Show GitHub Exploit DB Packet Storm
287820 - adbnewssender adbnewssender Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubs… CWE-79
Cross-site Scripting 		CVE-2008-6047 2017-11-22 23:49 2009-02-5 Show GitHub Exploit DB Packet Storm