Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 4:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
244001	4.3	警告	Dotclear	-	Dotclear の管理インターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0933	2012-06-26 16:10	2009-03-17	Show	GitHub Exploit DB Packet Storm

244002	7.5	危険	Apache Friends	-	XAMPP におけるアクセス権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2009-0919	2012-06-26 16:10	2009-03-16	Show	GitHub Exploit DB Packet Storm

244003	7.5	危険	DFLabs	-	DFLabs PTK における PTK の Apache HTTP サーバで起動されたプロセス内で任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2009-0918	2012-06-26 16:10	2009-03-16	Show	GitHub Exploit DB Packet Storm

244004	4.3	警告	DFLabs	-	DFLabs PTK におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0917	2012-06-26 16:10	2009-03-16	Show	GitHub Exploit DB Packet Storm

244005	5	警告	FileZilla	-	FileZilla Server におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0884	2012-06-26 16:10	2009-03-12	Show	GitHub Exploit DB Packet Storm

244006	6.8	警告	amunak	-	Blue Eye CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0883	2012-06-26 16:10	2009-03-12	Show	GitHub Exploit DB Packet Storm

244007	3.5	注意	Digium	-	Asterisk Open Source の SIP チャネルドライバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-0871	2012-06-26 16:10	2009-02-6	Show	GitHub Exploit DB Packet Storm

244008	8.8	危険	GeoVision	-	LIVEX_~1.OCX の GeoVision LiveX ActiveX コントロールにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-0865	2012-06-26 16:10	2009-03-10	Show	GitHub Exploit DB Packet Storm

244009	4.3	警告	denorastats	-	phpDenora におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0861	2012-06-26 16:10	2009-03-10	Show	GitHub Exploit DB Packet Storm

244010	6.9	警告	dash	-	dash における任意のコードを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2009-0854	2012-06-26 16:10	2009-03-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346811	-	kdocker	kdocker	kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the ownership of files, which could allow local users to execute arbitrary programs.	NVD-CWE-Other	CVE-2004-2197	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

346812	-	duware	duclassmate	account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page.	NVD-CWE-Other	CVE-2004-2198	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

346813	-	duware	duclassified	Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text.	NVD-CWE-Other	CVE-2004-2199	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

346814	-	duware	duforum	Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via via the message text.	NVD-CWE-Other	CVE-2004-2200	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

346815	-	duware	duforum	SQL injection vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to execute arbitrary SQL commands via the FOR_ID parameter in messages.asp, (2) MSG_ID parameter in messageDetail…	NVD-CWE-Other	CVE-2004-2201	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

346816	-	duware	duclassified	Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 through 4.2 allows remote attackers to bypass authentication and execute other commands on the server's underlying database via the (…	NVD-CWE-Other	CVE-2004-2202	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

346817	-	ansel	ansel	Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories.	NVD-CWE-Other	CVE-2004-2203	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

346818	-	macromedia	coldfusion	Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administ…	NVD-CWE-Other	CVE-2004-2204	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

346819	-	symantec_veritas	cluster_server	Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allows local users to gain root access via unspecified vectors.	NVD-CWE-Other	CVE-2004-2205	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

346820	-	natterchat	natterchat	SQL injection vulnerability in NatterChat 1.12 allows remote attackers to execute arbitrary SQL commands via unknown vectors.	NVD-CWE-Other	CVE-2004-2206	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm