Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
251561 4.3 警告 creative guestbook - Creative Guestbook の Guestbook.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1479 2012-06-26 15:46 2007-03-16 Show GitHub Exploit DB Packet Storm
251562 3.5 注意 シスコシステムズ - 複数の Cisco 製品の PreSearch.html などにおけるクロスサイトスクリプティングの脆弱性 - CVE-2007-1467 2012-06-26 15:46 2007-03-15 Show GitHub Exploit DB Packet Storm
251563 10 危険 dproxy - dproxy の dproxy.c におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-1465 2012-06-26 15:46 2007-03-24 Show GitHub Exploit DB Packet Storm
251564 4.3 警告 conga - conga の luci server コンポーネントにおけるパスワードを不正に取得される脆弱性 - CVE-2007-1462 2012-06-26 15:46 2007-03-15 Show GitHub Exploit DB Packet Storm
251565 6.8 警告 care2x - CARE2X における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-1458 2012-06-26 15:46 2007-03-14 Show GitHub Exploit DB Packet Storm
251566 10 危険 christian scheurer - Christian Scheurer unrarlib の urarlib_get 関数におけるバッファオーバーフローの脆弱性 - CVE-2007-1457 2012-06-26 15:46 2007-03-14 Show GitHub Exploit DB Packet Storm
251567 9 危険 netenberg - cPanel で使用される Fantastico における絶対パストラバーサルの脆弱性 - CVE-2007-1455 2012-06-26 15:46 2007-03-14 Show GitHub Exploit DB Packet Storm
251568 2.1 注意 CA Technologies - CA BrightStor ARCserve Backup の Tape Engine におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1448 2012-06-26 15:46 2007-03-16 Show GitHub Exploit DB Packet Storm
251569 10 危険 CA Technologies - CA BrightStor ARCserve Backup の Tape Engine におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-1447 2012-06-26 15:46 2007-03-16 Show GitHub Exploit DB Packet Storm
251570 7.5 危険 danny ho - OES における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2007-1446 2012-06-26 15:46 2007-03-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246921 5.3 MEDIUM
Network
is-my-json-valid_project is-my-json-valid It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. A specially crafted JSON file could cause i… - CVE-2018-1107 2024-11-21 12:59 2021-03-30 Show GitHub Exploit DB Packet Storm
246922 7.5 HIGH
Network
ibm security_guardium IBM Security Guardium 10.5, 10.6, and 11.0 could allow an unauthorized user to obtain sensitive information due to missing security controls. IBM X-Force ID: 141226. CWE-306
Missing Authentication for Critical Function
CVE-2018-1501 2024-11-21 12:59 2020-08-27 Show GitHub Exploit DB Packet Storm
246923 9.8 CRITICAL
Network
apache
fedoraproject
oracle
netapp
log4net
fedora
application_testing_suite
hospitality_simphony
hospitality_opera_5
snapcenter
manageability_software_development_kit
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled … CWE-611
XXE
CVE-2018-1285 2024-11-21 12:59 2020-05-12 Show GitHub Exploit DB Packet Storm
246924 8.1 HIGH
Network
apache
redhat
debian
oracle
fedoraproject
xerces-c\+\+
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_tus
enterprise_linux_eus
debian_lin…
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library… CWE-416
 Use After Free
CVE-2018-1311 2024-11-21 12:59 2019-12-19 Show GitHub Exploit DB Packet Storm
246925 8.1 HIGH
Network
fortinet fortimanager A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0 through 5.2.7, 5.4.0 and 5.4.1 may allow an unauthenticated attacker in a man in the middle position to … CWE-319
Cleartext Transmission of Sensitive Information
CVE-2018-1360 2024-11-21 12:59 2019-04-26 Show GitHub Exploit DB Packet Storm
246926 6.1 MEDIUM
Network
apache zeppelin Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna Joseph". CWE-79
Cross-site Scripting
CVE-2018-1328 2024-11-21 12:59 2019-04-24 Show GitHub Exploit DB Packet Storm
246927 8.8 HIGH
Network
apache zeppelin In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication. CWE-287
Improper Authentication
CVE-2018-1317 2024-11-21 12:59 2019-04-24 Show GitHub Exploit DB Packet Storm
246928 6.1 MEDIUM
Network
fortinet fortisandbox A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox before 3.0 may allow an attacker to execute unauthorized code or commands via the back_url parameter in the file scan com… CWE-79
Cross-site Scripting
CVE-2018-1356 2024-11-21 12:59 2019-04-10 Show GitHub Exploit DB Packet Storm
246929 9.8 CRITICAL
Network
fortinet fortios A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable. CWE-134
Use of Externally-Controlled Format String
CVE-2018-1352 2024-11-21 12:59 2019-02-9 Show GitHub Exploit DB Packet Storm
246930 7.5 HIGH
Network
apache guacamole Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to… CWE-311
Missing Encryption of Sensitive Data
CVE-2018-1340 2024-11-21 12:59 2019-02-8 Show GitHub Exploit DB Packet Storm