Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
251471 4.3 警告 arizona-dream - Arizona Dream livor の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1919 2012-06-26 15:46 2007-04-10 Show GitHub Exploit DB Packet Storm
251472 6.8 警告 MyBB Group
ecardmax.com
- eCardMAX Hot Editor および HotEditor プラグインの richedit/keyboard.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1906 2012-06-26 15:46 2007-04-10 Show GitHub Exploit DB Packet Storm
251473 4.3 警告 AOL - AIM および ICQ におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1904 2012-06-26 15:46 2007-04-10 Show GitHub Exploit DB Packet Storm
251474 9.3 危険 アカマイテクノロジーズ - Akamai Technologies Download Manager ActiveX コントロール (DownloadManagerV2.ocx) におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-1892 2012-06-26 15:46 2007-04-17 Show GitHub Exploit DB Packet Storm
251475 7.2 危険 アドビシステムズ - Adobe ColdFusion MX における任意のコードを実行される脆弱性 - CVE-2007-1874 2012-06-26 15:46 2007-04-10 Show GitHub Exploit DB Packet Storm
251476 4.3 警告 chcounter - chcounter におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1871 2012-06-26 15:46 2007-04-13 Show GitHub Exploit DB Packet Storm
251477 5 警告 drake team - Drake CMS の classes/captcha/captcha.jpg.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1850 2012-06-26 15:46 2007-04-3 Show GitHub Exploit DB Packet Storm
251478 7.5 危険 drake team - Drake CMS の 404.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-1849 2012-06-26 15:46 2007-04-3 Show GitHub Exploit DB Packet Storm
251479 4.3 警告 drake team - Drake CMS の admin/classes/ui.dta.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1848 2012-06-26 15:46 2007-04-3 Show GitHub Exploit DB Packet Storm
251480 7.5 危険 avatic - Aardvark Topsites PHP における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1844 2012-06-26 15:46 2007-04-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
276091 8.8 HIGH
Network
cacti cacti SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action. CWE-89
SQL Injection
CVE-2016-3172 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
276092 7.8 HIGH
Local
xen
canonical
xen
ubuntu_linux
The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS users to gain privileges, cause… CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-3157 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
276093 8.1 HIGH
Network
drupal
debian
drupal
debian_linux
Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data trunc… CWE-19
 Data Processing Errors
CVE-2016-3171 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
276094 5.3 MEDIUM
Network
debian
drupal
debian_linux
drupal
The "have you forgotten your password" links in the User module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allow remote attackers to obtain sensitive username information by leveraging a configur… CWE-200
Information Exposure
CVE-2016-3170 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
276095 8.1 HIGH
Network
debian
drupal
debian_linux
drupal
The User module in Drupal 6.x before 6.38 and 7.x before 7.43 allows remote attackers to gain privileges by leveraging contributed or custom code that calls the user_save function with an explicit ca… CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-3169 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
276096 6.4 MEDIUM
Network
drupal
debian
drupal
debian_linux
The System module in Drupal 6.x before 6.38 and 7.x before 7.43 might allow remote attackers to hijack the authentication of site administrators for requests that download and run files with arbitrar… CWE-254
 7PK - Security Features
CVE-2016-3168 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
276097 7.4 HIGH
Network
drupal
debian
drupal
debian_linux
Open redirect vulnerability in the drupal_goto function in Drupal 6.x before 6.38, when used with PHP before 5.4.7, allows remote attackers to redirect users to arbitrary web sites and conduct phishi… NVD-CWE-Other
CVE-2016-3167 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
276098 5.9 MEDIUM
Network
debian
drupal
debian_linux
drupal
CRLF injection vulnerability in the drupal_set_header function in Drupal 6.x before 6.38, when used with PHP before 5.1.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP re… NVD-CWE-Other
CVE-2016-3166 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
276099 7.5 HIGH
Network
drupal drupal The Form API in Drupal 6.x before 6.38 ignores access restrictions on submit buttons, which might allow remote attackers to bypass intended access restrictions by leveraging permission to submit a fo… CWE-284
Improper Access Control
CVE-2016-3165 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm
276100 7.4 HIGH
Network
drupal
debian
drupal
debian_linux
Drupal 6.x before 6.38, 7.x before 7.43, and 8.x before 8.0.4 might allow remote attackers to conduct open redirect attacks by leveraging (1) custom code or (2) a form shown on a 404 error page, rela… NVD-CWE-Other
CVE-2016-3164 2024-11-21 11:49 2016-04-13 Show GitHub Exploit DB Packet Storm