Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242541 7.5 危険 PHP Web Scripts - Easy Banner Pro の info.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0178 2012-09-25 15:36 2007-01-10 Show GitHub Exploit DB Packet Storm
242542 5.1 警告 MediaWiki - MediaWiki の AJAX モジュールにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0177 2012-09-25 15:36 2007-01-10 Show GitHub Exploit DB Packet Storm
242543 6.8 警告 l2j - L2J Statistik Script の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-0173 2012-09-25 15:36 2007-01-10 Show GitHub Exploit DB Packet Storm
242544 7.5 危険 locazo - LocazoList の main.asp における SQL インジェクションの脆弱性 - CVE-2007-0129 2012-09-25 15:36 2007-01-9 Show GitHub Exploit DB Packet Storm
242545 9.3 危険 Opera Software ASA - Opera の Javascript SVG サポートにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2007-0127 2012-09-25 15:36 2007-01-8 Show GitHub Exploit DB Packet Storm
242546 9.3 危険 Opera Software ASA - Opera におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-0126 2012-09-25 15:36 2007-01-8 Show GitHub Exploit DB Packet Storm
242547 5 警告 カスペルスキー - Kaspersky Lab Antivurus Engine におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-0125 2012-09-25 15:36 2007-01-8 Show GitHub Exploit DB Packet Storm
242548 6.8 警告 michael romedahl - RI Blog の search.asp におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0121 2012-09-25 15:36 2007-01-8 Show GitHub Exploit DB Packet Storm
242549 6.8 警告 packeteer - Packeteer PacketShaper PacketWise におけるバッファオーバーフローの脆弱性 - CVE-2007-0113 2012-09-25 15:36 2007-01-8 Show GitHub Exploit DB Packet Storm
242550 6.8 警告 Novell - Novell Access Manager Identity Server の nidp/idff/sso におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0110 2012-09-25 15:36 2007-01-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
269471 7.7 HIGH
Network 		vmware vcenter_server VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a (1) Log Browser, (2) Distributed Switch setup, or (3) Content Library XML docum… CWE-611
XXE 		CVE-2016-7459 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269472 5.8 MEDIUM
Network 		vmware vsphere_client VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote vCenter Server and ESXi instances to read arbitrary files via an XML document containing an external entity declaration in conjun… CWE-611
XXE 		CVE-2016-7458 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269473 10.0 CRITICAL
Network 		vmware vrealize_operations VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove virtual machines, via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-7457 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269474 9.8 CRITICAL
Network 		vmware vsphere_data_protection VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session. CWE-255
Credentials Management 		CVE-2016-7456 2024-11-21 11:58 2016-12-29 Show GitHub Exploit DB Packet Storm
269475 6.5 MEDIUM
Network 		kde kmail KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed. CWE-94
Code Injection 		CVE-2016-7968 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269476 8.1 HIGH
Network 		kde kmail KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URL… CWE-94
CWE-284
Code Injection
Improper Access Control 		CVE-2016-7967 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269477 7.3 HIGH
Network 		kde
debian
fedoraproject
suse 		kmail
debian_linux
fedora
linux_enterprise 		Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal si… CWE-94
Code Injection 		CVE-2016-7966 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269478 4.9 MEDIUM
Network 		kde
opensuse 		kde-cli-tools
leap
opensuse 		A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. CWE-94
Code Injection 		CVE-2016-7787 2024-11-21 11:58 2016-12-24 Show GitHub Exploit DB Packet Storm
269479 5.5 MEDIUM
Local 		ffmpeg ffmpeg The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointer used) via a crafted AVI file. CWE-476
 NULL Pointer Dereference 		CVE-2016-7905 2024-11-21 11:58 2016-12-23 Show GitHub Exploit DB Packet Storm
269480 5.5 MEDIUM
Local 		ffmpeg ffmpeg The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file. CWE-20
 Improper Input Validation  		CVE-2016-7785 2024-11-21 11:58 2016-12-23 Show GitHub Exploit DB Packet Storm