Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251671 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0029 2010-03-2 11:26 2010-02-9 Show GitHub Exploit DB Packet Storm
251672 10 危険 マイクロソフト - Microsoft Office の MSO.DLL におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0243 2010-03-1 11:37 2010-02-9 Show GitHub Exploit DB Packet Storm
251673 9.3 危険 マイクロソフト - Microsoft DirectX の DirectShow におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0250 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
251674 7.8 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0242 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
251675 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0241 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
251676 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0240 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
251677 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0239 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
251678 9.3 危険 マイクロソフト - Microsoft Windows の SMB クライアント実装における権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-0017 2010-03-1 11:35 2010-02-9 Show GitHub Exploit DB Packet Storm
251679 9.3 危険 マイクロソフト - Microsoft Windows の SMB クライアント実装における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0016 2010-03-1 11:35 2010-02-9 Show GitHub Exploit DB Packet Storm
251680 5 警告 日立 - uCosminexus Portal Framework におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2010-02-26 11:36 2010-01-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283931 - simplenews simplenews SimpNews 2.41.03 allows remote attackers to obtain sensitive information via (1) an invalid lang parameter to admin/index.php; or a direct request to (2) admin/dbg_infos.php, (3) admin/heading.php, o… NVD-CWE-Other
CVE-2007-4872 2018-10-16 06:38 2007-09-28 Show GitHub Exploit DB Packet Storm
283932 - simplenews simplenews SimpNews 2.41.03 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download arbitrary .inc files via a direct request, as demonstrated… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-4873 2018-10-16 06:38 2007-09-28 Show GitHub Exploit DB Packet Storm
283933 - boesch-it simpnews Multiple cross-site scripting (XSS) vulnerabilities in SimpNews 2.41.03 allow remote attackers to inject arbitrary web script or HTML via the (1) l_username parameter to admin/layout2b.php, and the (… CWE-79
Cross-site Scripting 		CVE-2007-4874 2018-10-16 06:38 2007-09-27 Show GitHub Exploit DB Packet Storm
283934 - psi-labs social_networking_script_psisns SQL injection vulnerability in profile/myprofile.php in psi-labs.com social networking script (psisns), probably 1.0, allows remote attackers to execute arbitrary SQL commands via the u parameter. CWE-89
SQL Injection 		CVE-2007-4881 2018-10-16 06:38 2007-09-14 Show GitHub Exploit DB Packet Storm
283935 - php php The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage… CWE-20
 Improper Input Validation  		CVE-2007-4887 2018-10-16 06:38 2007-09-14 Show GitHub Exploit DB Packet Storm
283936 - php mysql_extension
php 		The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, … NVD-CWE-Other
CVE-2007-4889 2018-10-16 06:38 2007-09-14 Show GitHub Exploit DB Packet Storm
283937 - toms-seiten.at toms_gastenbuch Multiple cross-site scripting (XSS) vulnerabilities in admin/header.php in Toms Gaestebuch 1.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) lang[adminseite],… CWE-79
Cross-site Scripting 		CVE-2007-4896 2018-10-16 06:38 2007-09-15 Show GitHub Exploit DB Packet Storm
283938 - ekiga ekiga pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a… CWE-399
 Resource Management Errors 		CVE-2007-4897 2018-10-16 06:38 2007-09-15 Show GitHub Exploit DB Packet Storm
283939 - berkeley boinc_forum Multiple cross-site scripting (XSS) vulnerabilities in Boinc Forum 5.10.20 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to forum_forum.php, or th… CWE-79
Cross-site Scripting 		CVE-2007-4899 2018-10-16 06:38 2007-09-15 Show GitHub Exploit DB Packet Storm
283940 - rsa envision Cross-site scripting (XSS) vulnerability in the logon page in RSA EnVision 3.3.6 Build 0115 allows remote attackers to inject arbitrary web script or HTML via the username field. CWE-79
Cross-site Scripting 		CVE-2007-4900 2018-10-16 06:38 2007-09-15 Show GitHub Exploit DB Packet Storm