Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242501 9.3 危険 macrovision - Macrovision FLEXnet Connect 用の isusweb.dll におけるバッファオーバーフローの脆弱性 - CVE-2007-0321 2012-09-25 16:47 2007-02-22 Show GitHub Exploit DB Packet Storm
242502 9.3 危険 macrovision - Macrovision InstallFromTheWeb 用の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-0320 2012-09-25 16:47 2007-02-22 Show GitHub Exploit DB Packet Storm
242503 7.5 危険 okulsistem okul web - Okul Web Otomasyon Sistemi の etkinlikbak.asp における SQL インジェクションの脆弱性 - CVE-2007-0305 2012-09-25 16:47 2007-01-17 Show GitHub Exploit DB Packet Storm
242504 7.5 危険 mint - MiNT Haber Sistemi の duyuru.asp における SQL インジェクションの脆弱性 - CVE-2007-0304 2012-09-25 16:47 2007-01-17 Show GitHub Exploit DB Packet Storm
242505 10 危険 pancake.org - Zina における脆弱性 - CVE-2007-0303 2012-09-25 16:47 2007-01-17 Show GitHub Exploit DB Packet Storm
242506 6.8 警告 InstantASP Ltd. - InstantASP におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0302 2012-09-25 16:47 2007-01-17 Show GitHub Exploit DB Packet Storm
242507 4 警告 オラクル - Oracle PeopleSoft Enterprise および JD Edwards EnterpriseOne における脆弱性 - CVE-2007-0297 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242508 2.1 注意 オラクル - Oracle PeopleSoft Enterprise および JD Edwards EnterpriseOne における脆弱性 - CVE-2007-0296 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242509 7.8 危険 オラクル - Oracle PeopleSoft Enterprise および JD Edwards EnterpriseOne における脆弱性 - CVE-2007-0295 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
242510 1.7 注意 オラクル - Oracle Enterprise Manager における脆弱性 - CVE-2007-0294 2012-09-25 16:47 2007-01-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
286161 - nextendweb nextend_facebook_connect Cross-site scripting (XSS) vulnerability in nextend-facebook-settings.php in the Nextend Facebook Connect plugin before 1.5.1 for WordPress allows remote attackers to inject arbitrary web script or H… CWE-79
Cross-site Scripting 		CVE-2014-8800 2024-11-21 11:19 2014-12-6 Show GitHub Exploit DB Packet Storm
286162 - modx modx_revolution MODX Revolution 2.x before 2.2.15 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive informat… CWE-200
Information Exposure 		CVE-2014-8775 2024-11-21 11:19 2014-12-4 Show GitHub Exploit DB Packet Storm
286163 - modx modx_revolution Cross-site scripting (XSS) vulnerability in manager/index.php in MODX Revolution 2.x before 2.2.15 allows remote attackers to inject arbitrary web script or HTML via the context_key parameter. CWE-79
Cross-site Scripting 		CVE-2014-8774 2024-11-21 11:19 2014-12-4 Show GitHub Exploit DB Packet Storm
286164 - modx modx_revolution MODX Revolution 2.x before 2.2.15 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism by (1) omitting the CSRF token or via a (2) long string in the CSRF toke… CWE-352
 Origin Validation Error 		CVE-2014-8773 2024-11-21 11:19 2014-12-4 Show GitHub Exploit DB Packet Storm
286165 - x3cms x3_cms Cross-site scripting (XSS) vulnerability in the search_controller in X3 CMS 0.5.1 and 0.5.1.1 allows remote authenticated users to inject arbitrary web script or HTML via the search parameter. CWE-79
Cross-site Scripting 		CVE-2014-8772 2024-11-21 11:19 2014-12-4 Show GitHub Exploit DB Packet Storm
286166 - x3cms x3_cms Multiple cross-site request forgery (CSRF) vulnerabilities in the admin area in X3 CMS 0.5.1 and 0.5.1.1 allow remote attackers to hijack the authentication of administrators via unspecified vectors. CWE-352
 Origin Validation Error 		CVE-2014-8771 2024-11-21 11:19 2014-12-4 Show GitHub Exploit DB Packet Storm
286167 - kennziffer ke_questionnaire The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote attackers to obtain sensitive information via a … CWE-200
Information Exposure 		CVE-2014-8874 2024-11-21 11:19 2014-12-3 Show GitHub Exploit DB Packet Storm
286168 - gleamtech filevista GleamTech FileVista before 6.1 allows remote authenticated users to create arbitrary files and possibly execute arbitrary code via a crafted path in a zip archive, which is not properly handled durin… CWE-20
 Improper Input Validation  		CVE-2014-8789 2024-11-21 11:19 2014-12-3 Show GitHub Exploit DB Packet Storm
286169 - gleamtech filevista GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via a crafted path when saving a zip file, which reveals the installation path in an error message. CWE-200
Information Exposure 		CVE-2014-8788 2024-11-21 11:19 2014-12-3 Show GitHub Exploit DB Packet Storm
286170 - ad-manager_project ad-manager Open redirect vulnerability in track-click.php in the Ad-Manager plugin 1.1.2 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in … NVD-CWE-Other
CVE-2014-8754 2024-11-21 11:19 2014-12-3 Show GitHub Exploit DB Packet Storm