Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
251241 7.5 危険 b2evolution - b2evolution の blogs/index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2681 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
251242 7.5 危険 censura - Censura の includes/funcs_vendors.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2007-2673 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
251243 4.3 警告 globalmegacorp - PHPChain におけるインストールパスを取得される脆弱性 - CVE-2007-2670 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
251244 4.3 警告 globalmegacorp - PHPChain におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2669 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
251245 9.3 危険 db soft lab - VImpX.ocx の DB Software Laboratory VImpX ActiveX コントロールにおけるバッファオーバーフローの脆弱性 - CVE-2007-2667 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
251246 7.5 危険 beacon - Beacon の language/1/splash.lang.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2663 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
251247 7.5 危険 efestech haber - EfesTECH Haber における SQL インジェクションの脆弱性 - CVE-2007-2662 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
251248 7.5 危険 drumster - BlogMe の archshow.asp における SQL インジェクションの脆弱性 - CVE-2007-2661 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
251249 5 警告 bugada andrea - PHP Advanced Transfer Manager (phpATM) の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2659 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
251250 7.5 危険 free-sa - Free-SA における任意のコードを実行される脆弱性 - CVE-2007-2652 2012-06-26 15:46 2007-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
302931 7.8 HIGH
Local
sumatrapdfreader
artifex
sumatrapdf
mupdf
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file. CWE-190
 Integer Overflow or Wraparound
CVE-2012-5340 2024-11-21 10:44 2020-01-24 Show GitHub Exploit DB Packet Storm
302932 7.5 HIGH
Network
redhat jboss_operations_network
jboss_enterprise_web_server
jboss_enterprise_application_platform
jboss_brms
jboss_soa_platform
jboss_portal
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in… NVD-CWE-noinfo
CVE-2012-5626 2024-11-21 10:44 2020-01-24 Show GitHub Exploit DB Packet Storm
302933 9.8 CRITICAL
Network
accusoft prizm_content_connect Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2012-5190 2024-11-21 10:44 2020-01-22 Show GitHub Exploit DB Packet Storm
302934 4.8 MEDIUM
Network
smileys_project
smiley_project
smileys
smiley
Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with … CWE-79
Cross-site Scripting
CVE-2012-5558 2024-11-21 10:44 2020-01-10 Show GitHub Exploit DB Packet Storm
302935 5.5 MEDIUM
Local
openstack
debian
horizon
debian_linux
Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value. CWE-200
Information Exposure
CVE-2012-5476 2024-11-21 10:44 2019-12-31 Show GitHub Exploit DB Packet Storm
302936 5.5 MEDIUM
Local
redhat
openstack
debian
fedoraproject
openstack
horizon
debian_linux
fedora
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret … CWE-311
Missing Encryption of Sensitive Data
CVE-2012-5474 2024-11-21 10:44 2019-12-31 Show GitHub Exploit DB Packet Storm
302937 7.8 HIGH
Local
gksu-polkit_project
fedoraproject
gksu-polkit
fedora
gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation CWE-269
 Improper Privilege Management
CVE-2012-5617 2024-11-21 10:44 2019-11-25 Show GitHub Exploit DB Packet Storm
302938 9.8 CRITICAL
Network
opendnssec opendnssec opendnssec misuses libcurl API CWE-20
 Improper Input Validation 
CVE-2012-5582 2024-11-21 10:44 2019-11-25 Show GitHub Exploit DB Packet Storm
302939 7.5 HIGH
Network
gnome
fedoraproject
gnome-system-log
fedora
gnome-system-log polkit policy allows arbitrary files on the system to be read CWE-200
Information Exposure
CVE-2012-5535 2024-11-21 10:44 2019-11-25 Show GitHub Exploit DB Packet Storm
302940 5.5 MEDIUM
Local
claws-mail vcalendar Claws Mail vCalendar plugin: credentials exposed on interface CWE-522
 Insufficiently Protected Credentials
CVE-2012-5527 2024-11-21 10:44 2019-11-25 Show GitHub Exploit DB Packet Storm