Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
791	5.4	警告 Network	GitHub	Enterprise Server	GitHubのEnterprise Serverにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-13744	2026-02-2 19:27	2026-01-6	Show	GitHub Exploit DB Packet Storm

792	5.5	警告 Local	OpenVPN Technologies	OpenVPN	OpenVPN TechnologiesのOpenVPNにおける複数の脆弱性	CWE-770 CWE-775 CWE-841	CVE-2025-13751	2026-02-2 19:27	2025-12-3	Show	GitHub Exploit DB Packet Storm

793	4.9	警告 Network	IBM	IBM Aspera Console	IBMのIBM Aspera Consoleにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2025-13925	2026-02-2 19:27	2026-01-20	Show	GitHub Exploit DB Packet Storm

794	7.5	重要 Network	TP-LINK Technologies	TL-WA850RE ファームウェア	TP-LINK TechnologiesのTL-WA850RE ファームウェアにおける認証に関する脆弱性	CWE-287 CWE-noinfo	CVE-2025-14738	2026-02-2 19:27	2025-12-18	Show	GitHub Exploit DB Packet Storm

795	6.1	警告 Network	Philip Okugbe	Simple-PHP-Blog	Philip OkugbeのSimple-PHP-Blogにおける複数の脆弱性	CWE-79 CWE-79 CWE-94	CVE-2025-15223	2026-02-2 19:27	2025-12-31	Show	GitHub Exploit DB Packet Storm

796	9.8	緊急 Network	HzManyun	Education and Training System	HzManyunのEducation and Training Systemにおける複数の脆弱性	CWE-74 CWE-77 CWE-77	CVE-2025-1946	2026-02-2 19:27	2025-03-4	Show	GitHub Exploit DB Packet Storm

797	9.8	緊急 Network	HzManyun	Education and Training System	HzManyunのEducation and Training Systemにおける複数の脆弱性	CWE-74 CWE-77 CWE-77	CVE-2025-1947	2026-02-2 19:26	2025-03-4	Show	GitHub Exploit DB Packet Storm

798	4.6	警告 Physics	サムスン	Gallery	サムスンのGalleryにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2025-20966	2026-02-2 19:26	2025-05-7	Show	GitHub Exploit DB Packet Storm

799	9.1	緊急 Network	サムスン	Gallery	サムスンのGalleryにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2025-20967	2026-02-2 19:26	2025-05-7	Show	GitHub Exploit DB Packet Storm

800	9.1	緊急 Network	サムスン	Gallery	サムスンのGalleryにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2025-20968	2026-02-2 19:26	2025-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
283451	-	wabbit	wabbit_php_gallery	Multiple cross-site scripting (XSS) vulnerabilities in showpic.php in Wabbit PHP Gallery 0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) pic and (2) gal parameters.	NVD-CWE-Other	CVE-2007-2098	2018-10-17 01:41	2007-04-18	Show	GitHub Exploit DB Packet Storm

283452	-	openconcept	back-end_cms	Cross-site scripting (XSS) vulnerability in htdocs/php.php in OpenConcept Back-End CMS 0.4.7 allows remote attackers to inject arbitrary web script or HTML via the page[] parameter.	NVD-CWE-Other	CVE-2007-2099	2018-10-17 01:41	2007-04-18	Show	GitHub Exploit DB Packet Storm

283453	-	fac_guestbook	fac_guestbook	FAC Guestbook 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/Gdb.mdb.	NVD-CWE-Other	CVE-2007-2100	2018-10-17 01:41	2007-04-18	Show	GitHub Exploit DB Packet Storm

283454	-	my_little_homepage	my_little_weblog	Cross-site scripting (XSS) vulnerability in weblog.php in my little weblog allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vector than CVE-2006-6087.	NVD-CWE-Other	CVE-2007-2102	2018-10-17 01:41	2007-04-18	Show	GitHub Exploit DB Packet Storm

283455	-	my_little_homepage	my_little_forum	Multiple PHP remote file inclusion vulnerabilities in my little forum 1.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php and (2) timedifference.…	NVD-CWE-Other	CVE-2007-2103	2018-10-17 01:41	2007-04-18	Show	GitHub Exploit DB Packet Storm

283456	-	ixon_cms	ixon_cms	Multiple directory traversal vulnerabilities in iXon CMS 0.30 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme_url parameter to (1) index.php, (2) p…	NVD-CWE-Other	CVE-2007-2104	2018-10-17 01:41	2007-04-18	Show	GitHub Exploit DB Packet Storm

283457	-	monkey_cms	monkey_cms	Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the admin_skin parameter.	NVD-CWE-Other	CVE-2007-2105	2018-10-17 01:41	2007-04-18	Show	GitHub Exploit DB Packet Storm

283458	-	kai_content_management_system	kai_content_management_system	Directory traversal vulnerability in index.php in Kai Content Management System (K-CMS) 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the current_them…	NVD-CWE-Other	CVE-2007-2106	2018-10-17 01:41	2007-04-18	Show	GitHub Exploit DB Packet Storm

283459	-	microsoft oracle	windows database_server	Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 on Windows allows remote attackers to have an unknown impact, aka DB01. NOTE: as of …	NVD-CWE-noinfo CWE-264 Permissions, Privileges, and Access Controls	CVE-2007-2108	2018-10-17 01:41	2007-04-19	Show	GitHub Exploit DB Packet Storm

283460	-	oracle	database_server	Unspecified vulnerability in the Core RDBMS component for Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.4 on Windows systems has unknown impact and attack vectors, aka DB03. NOTE: as of 20070424, Or…	NVD-CWE-noinfo	CVE-2007-2110	2018-10-17 01:41	2007-04-19	Show	GitHub Exploit DB Packet Storm