Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251521	4.6	警告	OTRS プロジェクト	-	OTRS の Kernel/System/Web/Request.pm におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-7276	2012-03-27 18:42	2011-03-18	Show	GitHub Exploit DB Packet Storm

251522	4.3	警告	OTRS プロジェクト	-	OTRS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-7275	2012-03-27 18:42	2011-03-18	Show	GitHub Exploit DB Packet Storm

251523	5.8	警告	boka	-	SiteEngine の api.php におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2008-7269	2012-03-27 18:42	2010-12-1	Show	GitHub Exploit DB Packet Storm

251524	4	警告	IBM	-	IBM TDS におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2007-6743	2012-03-27 18:42	2011-04-10	Show	GitHub Exploit DB Packet Storm

251525	6.8	警告	IBM	-	IBM TDS の get_filter_list 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2007-6742	2012-03-27 18:42	2011-04-10	Show	GitHub Exploit DB Packet Storm

251526	4.3	警告	monkeysaudio	-	Monkey's Audio におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2006-7245	2012-03-27 18:42	2011-05-20	Show	GitHub Exploit DB Packet Storm

251527	5	警告	PNG Development Group	-	libpng の pngwutil.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2006-7244	2012-03-27 18:42	2011-08-31	Show	GitHub Exploit DB Packet Storm

251528	5	警告	boka	-	SiteEngine の phpinfo 関数におけるシステム情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-7268	2012-03-27 18:42	2010-12-1	Show	GitHub Exploit DB Packet Storm

251529	7.5	危険	boka	-	SiteEngine における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-7267	2012-03-27 18:42	2010-12-1	Show	GitHub Exploit DB Packet Storm

251530	4.3	警告	RSAセキュリティ	-	RSA Adaptive Authentication の Shockwave Flash におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-7266	2012-03-27 18:42	2010-11-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
254721	7.8	HIGH Local	hawt.io	hawtio	hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker could use this vulnerability to upload a crafted file which could be executed on a target machine where…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2017-2617	2024-11-21 12:23	2018-05-23	Show	GitHub Exploit DB Packet Storm

254722	4.3	MEDIUM Network	jenkins	jenkins	jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of t…	CWE-200 Information Exposure	CVE-2017-2609	2024-11-21 12:23	2018-05-23	Show	GitHub Exploit DB Packet Storm

254723	5.4	MEDIUM Network	jenkins	jenkins	jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting vulnerability in console notes (SECURITY-382). Jenkins allows plugins to annotate build logs, adding new content…	CWE-79 Cross-site Scripting	CVE-2017-2607	2024-11-21 12:23	2018-05-22	Show	GitHub Exploit DB Packet Storm

254724	5.4	MEDIUM Network	jenkins	jenkins	jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers coul…	CWE-352 Origin Validation Error	CVE-2017-2613	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

254725	5.4	MEDIUM Network	jenkins	jenkins	jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in search suggestions due to improperly escaping users with less-than and greater-than characters in their names…	CWE-79 Cross-site Scripting	CVE-2017-2610	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

254726	4.3	MEDIUM Network	jenkins	jenkins	In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).	CWE-287 Improper Authentication	CVE-2017-2604	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

254727	3.5	LOW Network	jenkins	jenkins	Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak in disconnected agents' config.xml API. This could leak sensitive data such as API tokens (SECURITY-362).	CWE-200 Information Exposure	CVE-2017-2603	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

254728	4.3	MEDIUM Network	jenkins	jenkins	jenkins before versions 2.44, 2.32.2 is vulnerable to an improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow metadata files to be written …	NVD-CWE-noinfo	CVE-2017-2602	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

254729	5.4	MEDIUM Network	jenkins	jenkins	In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2017-2612	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

254730	8.8	HIGH Network	jenkins	jenkins	Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs (SECURITY-383).	CWE-502 Deserialization of Untrusted Data	CVE-2017-2608	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm