Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242201 6.8 警告 アドビシステムズ - Adobe Acrobat に実装される Adobe PDF 仕様におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-0103 2012-06-26 15:38 2007-01-8 Show GitHub Exploit DB Packet Storm
242202 6.8 警告 アップル - Apple Mac OS X Preview で実装される Adobe PDF におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-0102 2012-06-26 15:38 2007-01-8 Show GitHub Exploit DB Packet Storm
242203 9.3 危険 ConeXware, Inc. - ConeXware PowerArchiver 2006 の PAISO.DLL の LoadTree 関数におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-0097 2012-06-26 15:38 2007-01-5 Show GitHub Exploit DB Packet Storm
242204 7.5 危険 carboncommunities - CarbonCommunities におけるパスワードを含むデータベースをダウンロードされる脆弱性 - CVE-2007-0096 2012-06-26 15:38 2007-01-5 Show GitHub Exploit DB Packet Storm
242205 7.5 危険 Simple Web Content Management System - Simple Web Content Management System の page.php における SQL インジェクションの脆弱性 - CVE-2007-0093 2012-06-26 15:38 2007-01-5 Show GitHub Exploit DB Packet Storm
242206 7.5 危険 e-smart cart - E-SMARTCART の productdetail.asp における SQL インジェクションの脆弱性 - CVE-2007-0092 2012-06-26 15:38 2007-01-5 Show GitHub Exploit DB Packet Storm
242207 7.5 危険 fermentigrafici - WineGlass におけるパスワードを含むデータベースをダウンロードされる脆弱性 - CVE-2007-0090 2012-06-26 15:38 2007-01-5 Show GitHub Exploit DB Packet Storm
242208 5 警告 battleblog - BattleBlog におけるデータベースをダウンロードされる脆弱性 - CVE-2007-0078 2012-06-26 15:38 2007-01-5 Show GitHub Exploit DB Packet Storm
242209 7.5 危険 2enetworx - Openforum におけるデータベースをダウンロードされる脆弱性 - CVE-2007-0076 2012-06-26 15:38 2007-01-5 Show GitHub Exploit DB Packet Storm
242210 7.5 危険 aspbb - AspBB におけるユーザパスワードを含むデータベースをダウンロードされる脆弱性 - CVE-2007-0075 2012-06-26 15:38 2007-01-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
287711 - kaspersky kaspersky_anti-virus kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other versions before 9.0.0.736, does not properly validate input to IOCTL 0x0022c008, which allows local users to cause a denial of servi… CWE-20
 Improper Input Validation  		CVE-2009-4114 2018-10-11 04:48 2009-12-1 Show GitHub Exploit DB Packet Storm
287712 - cutephp cutenews Multiple static code injection vulnerabilities in the Categories module in CutePHP CuteNews 1.4.6 allow remote authenticated users with application administrative privileges to inject arbitrary PHP c… CWE-94
Code Injection 		CVE-2009-4115 2018-10-11 04:48 2009-12-1 Show GitHub Exploit DB Packet Storm
287713 - cutephp cutenews Multiple directory traversal vulnerabilities in CutePHP CuteNews 1.4.6, when magic_quotes_gpc is disabled, allow remote authenticated users with editor or administrative application access to read ar… CWE-22
Path Traversal 		CVE-2009-4116 2018-10-11 04:48 2009-12-1 Show GitHub Exploit DB Packet Storm
287714 - postgresql postgresql PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution… NVD-CWE-Other
CVE-2009-4136 2018-10-11 04:48 2009-12-16 Show GitHub Exploit DB Packet Storm
287715 - daz3d daz_studio DAZ Studio 2.3.3.161, 2.3.3.163, and 3.0.1.135 allows remote attackers to execute arbitrary JavaScript code via a (1) .ds, (2) .dsa, (3) .dse, or (4) .dsb file, as demonstrated by code that loads the… CWE-94
Code Injection 		CVE-2009-4148 2018-10-11 04:48 2009-12-5 Show GitHub Exploit DB Packet Storm
287716 - eshopbuilder eshopbuilde_cms Multiple SQL injection vulnerabilities in Eshopbuilde CMS allow remote attackers to execute arbitrary SQL commands via the sitebid parameter to (1) home-f.asp and (2) opinions-f.asp; (3) sitebid, (4)… CWE-89
SQL Injection 		CVE-2009-4155 2018-10-11 04:48 2009-12-3 Show GitHub Exploit DB Packet Storm
287717 - roytanck wp-cumulus Cross-site scripting (XSS) vulnerability in Roy Tanck tagcloud.swf, as used in the WP-Cumulus plugin before 1.23 for WordPress and the Joomulus module 2.0 and earlier for Joomla!, allows remote attac… CWE-79
Cross-site Scripting 		CVE-2009-4168 2018-10-11 04:48 2009-12-3 Show GitHub Exploit DB Packet Storm
287718 - roytanck wp-cumulus WP-Cumulus Plug-in 1.20 for WordPress, and possibly other versions, allows remote attackers to obtain sensitive information via a crafted request to wp-cumulus.php, probably without parameters, which… CWE-200
Information Exposure 		CVE-2009-4170 2018-10-11 04:48 2009-12-3 Show GitHub Exploit DB Packet Storm
287719 - yahoo messenger An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote attackers to cause a denial of service (NULL pointer dereference and applicati… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2009-4171 2018-10-11 04:48 2009-12-3 Show GitHub Exploit DB Packet Storm
287720 - cutephp
korn19 		cutenews
utf-8_cutenews 		Cross-site scripting (XSS) vulnerability in index.php in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews 8 and 8b, when magic_quotes_gpc is disabled, allows remote attackers to inject arbitrary web script … CWE-79
Cross-site Scripting 		CVE-2009-4172 2018-10-11 04:48 2009-12-3 Show GitHub Exploit DB Packet Storm