Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242661 10 危険 マイクロソフト - Microsoft IIS Web Server の webhits.dll における非公開 Web ディレクトリへアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-2815 2012-09-25 16:47 2007-05-22 Show GitHub Exploit DB Packet Storm
242662 7.5 危険 pegasus - Pegasus ImagN' ActiveX control におけるスタックベースのバッファーオーバーフローの脆弱性 - CVE-2007-2814 2012-09-25 16:47 2007-05-22 Show GitHub Exploit DB Packet Storm
242663 4.3 警告 hlstats - HLstats の hlstats.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2812 2012-09-25 16:47 2007-05-22 Show GitHub Exploit DB Packet Storm
242664 9.3 危険 Opera Software ASA - Windows 用の Opera の転送管理におけるバッファオーバーフローの脆弱性 - CVE-2007-2809 2012-09-25 16:47 2007-05-22 Show GitHub Exploit DB Packet Storm
242665 10 危険 ヒューレット・パッカード - HP Tru64 UNIX の SSH における有効なユーザを特定される脆弱性 - CVE-2007-2791 2012-09-25 16:47 2007-05-9 Show GitHub Exploit DB Packet Storm
242666 7.5 危険 LEAD Technologies, Inc. - LeadTools Raster Thumbnail Object Library におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2787 2012-09-25 16:47 2007-05-21 Show GitHub Exploit DB Packet Storm
242667 5 警告 ircd-ratbox - Ratbox IRC Daemon におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2786 2012-09-25 16:47 2007-05-21 Show GitHub Exploit DB Packet Storm
242668 7.5 危険 packeteer - Packeteer PacketShaper における TCP ISN 値を予測される脆弱性 - CVE-2007-2782 2012-09-25 16:47 2007-05-21 Show GitHub Exploit DB Packet Storm
242669 7.5 危険 libstats - Libstats の template_csv.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2779 2012-09-25 16:47 2007-05-21 Show GitHub Exploit DB Packet Storm
242670 7.8 危険 molyx - MolyX BOARD におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2778 2012-09-25 16:47 2007-05-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
286171 - subex roc_fraud_management_system SQL injection vulnerability in the login page (login/login) in Subex ROC Fraud Management (aka Fraud Management System and FMS) 7.4 and earlier allows remote attackers to execute arbitrary SQL comman… CWE-89
SQL Injection 		CVE-2014-8728 2024-11-21 11:19 2014-12-3 Show GitHub Exploit DB Packet Storm
286172 - enalean tuleap project/register.php in Tuleap before 7.7, when sys_create_project_in_one_step is disabled, allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code vi… CWE-94
Code Injection 		CVE-2014-8791 2024-11-21 11:19 2014-12-2 Show GitHub Exploit DB Packet Storm
286173 - redhat
xen
debian
opensuse 		enterprise_linux
enterprise_linux_desktop
xen
debian_linux
opensuse 		The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM… CWE-17
Code 		CVE-2014-8867 2024-11-21 11:19 2014-12-2 Show GitHub Exploit DB Packet Storm
286174 - debian
xen
opensuse 		debian_linux
xen
opensuse 		The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vec… CWE-17
Code 		CVE-2014-8866 2024-11-21 11:19 2014-12-2 Show GitHub Exploit DB Packet Storm
286175 - ait-pro bulletproof_security Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to trigger outbound requests tha… NVD-CWE-noinfo
CVE-2014-8749 2024-11-21 11:19 2014-12-2 Show GitHub Exploit DB Packet Storm
286176 - linux linux_kernel Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial o… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-8884 2024-11-21 11:19 2014-11-30 Show GitHub Exploit DB Packet Storm
286177 - strangerstudios paid_memberships_pro Directory traversal vulnerability in services/getfile.php in the Paid Memberships Pro plugin before 1.7.15 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the QUER… CWE-22
Path Traversal 		CVE-2014-8801 2024-11-21 11:19 2014-11-29 Show GitHub Exploit DB Packet Storm
286178 - dukapress dukapress Directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in the DukaPress plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (do… CWE-22
Path Traversal 		CVE-2014-8799 2024-11-21 11:19 2014-11-29 Show GitHub Exploit DB Packet Storm
286179 - xavoc xepan_cms Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests t… CWE-352
 Origin Validation Error 		CVE-2014-8429 2024-11-21 11:19 2014-11-29 Show GitHub Exploit DB Packet Storm
286180 - arris vap2500_firmware The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files. CWE-200
Information Exposure 		CVE-2014-8425 2024-11-21 11:19 2014-11-29 Show GitHub Exploit DB Packet Storm