Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 23, 2026, 10:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242501	6.8	警告	opensurveypilot	-	osp の administration/user/lib/group.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2166	2012-09-25 16:47	2007-04-22	Show	GitHub Exploit DB Packet Storm

242502	5	警告	KDE project	-	Konqueror におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2164	2012-09-25 16:47	2007-04-22	Show	GitHub Exploit DB Packet Storm

242503	5	警告	マイクロソフト	-	Microsoft Internet Explorer 7 におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2161	2012-09-25 16:47	2007-04-22	Show	GitHub Exploit DB Packet Storm

242504	7.5	危険	kooijman-design	-	jGallery の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2158	2012-09-25 16:47	2007-04-19	Show	GitHub Exploit DB Packet Storm

242505	7.9	危険	マカフィー	-	McAfee VirusScan Enterprise の On-Access Scanner におけるバッファオーバーフローの脆弱性	-	CVE-2007-2152	2012-09-25 16:47	2007-04-19	Show	GitHub Exploit DB Packet Storm

242506	7.5	危険	ixon cms	-	iXon CMS におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2104	2012-09-25 16:47	2007-04-18	Show	GitHub Exploit DB Packet Storm

242507	7.5	危険	my little homepage	-	my little forum における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2103	2012-09-25 16:47	2007-04-18	Show	GitHub Exploit DB Packet Storm

242508	5	警告	マカフィー	-	McAfee e-Business Server の管理サーバにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2151	2012-09-25 16:47	2007-04-19	Show	GitHub Exploit DB Packet Storm

242509	7.5	危険	minigal	-	MiniGal の classes.php における任意の PHP コードを挿入される脆弱性	-	CVE-2007-2146	2012-09-25 16:47	2007-04-19	Show	GitHub Exploit DB Packet Storm

242510	7.5	危険	minigal	-	MiniGal の classes.php における任意の PHP コードを挿入される脆弱性	-	CVE-2007-2145	2012-09-25 16:47	2007-04-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
285961	5.4	MEDIUM Network	jease	jease	Cross-site scripting (XSS) vulnerability in Jease 2.11 allows remote authenticated users to inject arbitrary web script or HTML via a content section note.	CWE-79 Cross-site Scripting	CVE-2014-8780	2024-11-21 11:19	2018-03-8	Show	GitHub Exploit DB Packet Storm

285962	9.8	CRITICAL Network	trendnet	tew-823dru_firmware	TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a hardcoded password of kcodeskcodes for the root account, which makes it easier for remote attackers to obtain access via an FTP session.	CWE-798 Use of Hard-coded Credentials	CVE-2014-8579	2024-11-21 11:19	2018-01-6	Show	GitHub Exploit DB Packet Storm

285963	6.5	MEDIUM Network	gitlab	gitlab	The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote authenticated guest users to modify ownership of arbitrary groups by leveraging improper permission checks.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-8540	2024-11-21 11:19	2018-01-6	Show	GitHub Exploit DB Packet Storm

285964	9.8	CRITICAL Network	airlive	bu-3026_firmware md-3025_firmware wl-2000cam_firmware poe-200cam_v2_firmware bu-2015_firmware	cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with…	CWE-78 OS Command	CVE-2014-8389	2024-11-21 11:19	2017-12-28	Show	GitHub Exploit DB Packet Storm

285965	5.3	MEDIUM Network	codeasily	grand_flagallery	The Grand Flagallery plugin before 4.25 for WordPress allows remote attackers to obtain the installation path via a request to (1) flagallery-skins/banner_widget_default/gallery.php or (2) flash-albu…	CWE-200 Information Exposure	CVE-2014-8491	2024-11-21 11:19	2017-10-18	Show	GitHub Exploit DB Packet Storm

285966	9.8	CRITICAL Network	store_locator_project	store_locator	SQL injection vulnerability in the Store Locator plugin 2.3 through 3.11 for WordPress allows remote attackers to execute arbitrary SQL commands via the sl_custom_field parameter to sl-xml.php.	CWE-89 SQL Injection	CVE-2014-8621	2024-11-21 11:19	2017-10-17	Show	GitHub Exploit DB Packet Storm

285967	6.1	MEDIUM Network	tech-banker	gallery_bank	Cross-site scripting (XSS) vulnerability in Best Gallery Albums Plugin before 3.0.70for WordPress allows remote attackers to inject arbitrary web script or HTML via the order_id parameter in the gall…	CWE-79 Cross-site Scripting	CVE-2014-8758	2024-11-21 11:19	2017-10-6	Show	GitHub Exploit DB Packet Storm

285968	6.1	MEDIUM Network	cozmoslabs	profile_builder	Multiple cross-site scripting (XSS) vulnerabilities in assets/misc/fallback-page.php in the Profile Builder plugin before 2.0.3 for WordPress allow remote attackers to inject arbitrary web script or …	CWE-79 Cross-site Scripting	CVE-2014-8492	2024-11-21 11:19	2017-10-6	Show	GitHub Exploit DB Packet Storm

285969	5.9	MEDIUM Network	kde	kmail	KDE KMail does not encrypt attachments in emails when "automatic encryption" is enabled, which allows remote attackers to obtain sensitive information by sniffing the network.	CWE-310 Cryptographic Issues	CVE-2014-8878	2024-11-21 11:19	2017-09-28	Show	GitHub Exploit DB Packet Storm

285970	5.3	MEDIUM Network	dropbox	dropbox_sdk	Dropbox SDK for Android before 1.6.2 might allow remote attackers to obtain sensitive information via crafted malware or via a drive-by download attack.	CWE-200 Information Exposure	CVE-2014-8889	2024-11-21 11:19	2017-09-26	Show	GitHub Exploit DB Packet Storm