Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3221	5.3	警告 Network	XWiki	Full Calendar Macro (macro-fullcalendar-pom)	XWikiのFull Calendar Macro (macro-fullcalendar-pom)における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2025-65090	2026-02-2 19:31	2026-01-10	Show	GitHub Exploit DB Packet Storm

3222	10	緊急 Network	XWiki	Full Calendar Macro (macro-fullcalendar-pom)	XWikiのFull Calendar Macro (macro-fullcalendar-pom)におけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2025-65091	2026-02-2 19:31	2026-01-10	Show	GitHub Exploit DB Packet Storm

3223	6.5	警告 Network	Mega-Fence Project	Mega-Fence	Mega-Fence ProjectのMega-Fenceにおけるセキュリティ決定の信頼できない入力への依存に関する脆弱性	CWE-807 セキュリティ決定の信頼できない入力への依存	CVE-2025-65328	2026-02-2 19:31	2026-01-5	Show	GitHub Exploit DB Packet Storm

3224	7.5	重要 Network	WebPros International GmbH	Plesk Obsidian	WebPros International GmbHのPlesk Obsidianにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2025-65518	2026-02-2 19:31	2026-01-8	Show	GitHub Exploit DB Packet Storm

3225	8.8	重要 Network	Qode Interactive	Powerlift	Qode InteractiveのWordPress用Powerliftにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2025-66532	2026-02-2 19:31	2025-12-9	Show	GitHub Exploit DB Packet Storm

3226	4.8	警告 Network	Hotwire	Turbo	HotwireのTurboにおける競合状態に関する脆弱性	CWE-362 競合状態	CVE-2025-66803	2026-02-2 19:30	2026-01-20	Show	GitHub Exploit DB Packet Storm

3227	7.5	重要 Network	Manos	Websocket Server	ManosのWebsocket Serverにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2025-66902	2026-02-2 19:30	2026-01-20	Show	GitHub Exploit DB Packet Storm

3228	6.1	警告 Network	AnyComment	AnyComment.io	AnyCommentのAnyComment.ioにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-67025	2026-02-2 19:30	2026-01-15	Show	GitHub Exploit DB Packet Storm

3229	7.5	重要 Network	Revotech	I6032W-FHW Firmware	RevotechのI6032W-FHW Firmwareにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2025-67158	2026-02-2 19:30	2026-01-2	Show	GitHub Exploit DB Packet Storm

3230	7.5	重要 Network	Vatilon	PA4 Firmware	VatilonのPA4 Firmwareにおける重要な情報の平文での送信に関する脆弱性	CWE-319 重要な情報の平文での送信	CVE-2025-67159	2026-02-2 19:30	2026-01-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348361	-	ubertec	help_center_live	Multiple cross-site scripting (XSS) vulnerabilities in Help Center Live allow remote attackers to inject arbitrary web script or HTML via the (1) find parameter to index.php, (2) name or (3) message …	NVD-CWE-Other	CVE-2005-1672	2008-09-6 05:49	2005-05-19	Show	GitHub Exploit DB Packet Storm

348362	-	ubertec	help_center_live	Multiple SQL injection vulnerabilities in Help Center Live allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php, (2) tid parameter to view.php, fid parameter…	NVD-CWE-Other	CVE-2005-1673	2008-09-6 05:49	2005-05-19	Show	GitHub Exploit DB Packet Storm

348363	-	groove	groove_workspace virtual_office	Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, whic…	NVD-CWE-Other	CVE-2005-1675	2008-09-6 05:49	2005-05-20	Show	GitHub Exploit DB Packet Storm

348364	-	groove	groove_workspace virtual_office	Multiple cross-site scripting (XSS) vulnerabilities in Groove Mobile Workspace in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allo…	NVD-CWE-Other	CVE-2005-1676	2008-09-6 05:49	2005-05-20	Show	GitHub Exploit DB Packet Storm

348365	-	groove	groove_workspace virtual_office	Unknown vulnerability in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allows remote attackers to bypass restrictions on COM objects.	NVD-CWE-Other	CVE-2005-1677	2008-09-6 05:49	2005-05-20	Show	GitHub Exploit DB Packet Storm

348366	-	groove	groove_workspace virtual_office	Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound …	NVD-CWE-Other	CVE-2005-1678	2008-09-6 05:49	2005-05-20	Show	GitHub Exploit DB Packet Storm

348367	-	sap	sap_r_3	Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via ".." sequences in an HTTP GET request.	NVD-CWE-Other	CVE-2005-1691	2008-09-6 05:49	2005-07-26	Show	GitHub Exploit DB Packet Storm

348368	-	mailscanner	mailscanner	Unknown vulnerability in MailScanner 4.41.3 and earlier, related to "incomplete reporting of viruses in zip files," allows remote attackers to bypass virus detection.	NVD-CWE-Other	CVE-2005-1706	2008-09-6 05:49	2005-05-24	Show	GitHub Exploit DB Packet Storm

348369	-	mailscanner	mailscanner	The vendor has released a fixed version (4.42.2)	NVD-CWE-Other	CVE-2005-1706	2008-09-6 05:49	2005-05-24	Show	GitHub Exploit DB Packet Storm

348370	-	clam_anti-virus gibraltar squid	clamav gibraltar_firewall squid	Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses f…	NVD-CWE-Other	CVE-2005-1711	2008-09-6 05:49	2005-05-24	Show	GitHub Exploit DB Packet Storm