Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 12, 2025, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198711 7.5 危険 アライドテレシス - Allied Telesis AT-9000/24 Ethernet スイッチにおける不正のアクションを実行される脆弱性 - CVE-2006-6718 2012-06-26 15:38 2006-12-23 Show GitHub Exploit DB Packet Storm
198712 7.5 危険 アライドテレシス - Allied Telesis AT-9000/24 Ethernet スイッチにおける想定外のロケーションから攻撃を実行される脆弱性 - CVE-2006-6717 2012-06-26 15:38 2006-12-23 Show GitHub Exploit DB Packet Storm
198713 7.5 危険 eric guillaume - Eric GUILLAUME uploader&downloader における SQL インジェクションの脆弱性 - CVE-2006-6716 2012-06-26 15:38 2006-12-23 Show GitHub Exploit DB Packet Storm
198714 6.8 警告 atmail pty ltd - @Mail の Webadmin におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6704 2012-06-26 15:38 2006-12-22 Show GitHub Exploit DB Packet Storm
198715 6.8 警告 atmail pty ltd - Atmail の Global.pm におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6702 2012-06-26 15:38 2006-12-22 Show GitHub Exploit DB Packet Storm
198716 7.5 危険 atmail pty ltd - Atmail WebMail の util.pl におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2006-6701 2012-06-26 15:38 2006-12-22 Show GitHub Exploit DB Packet Storm
198717 6.8 警告 calacode - @Mail WebMail におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6700 2012-06-26 15:38 2006-12-22 Show GitHub Exploit DB Packet Storm
198718 6.8 警告 carsen klock - Carsen Klock TextSend の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6695 2012-06-26 15:38 2006-12-21 Show GitHub Exploit DB Packet Storm
198719 5 警告 chetcpasswd - Pedro Lineu Orso chetcpasswd におけるシステム上の有効なユーザ名を決定される脆弱性 - CVE-2006-6682 2012-06-26 15:38 2006-12-21 Show GitHub Exploit DB Packet Storm
198720 7.5 危険 chetcpasswd - Pedro Lineu Orso chetcpasswd におけるパスワードを特定される脆弱性 - CVE-2006-6681 2012-06-26 15:38 2006-12-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 12, 2025, 4:59 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
270671 - feed2js feed2js Cross-site scripting (XSS) vulnerability in Feed to JavaScript (Feed2JS) 1.91 allows remote attackers to inject arbitrary web script or HTML via a URL in a feed. CWE-79
Cross-site Scripting 		CVE-2007-6102 2011-03-8 12:01 2007-11-24 Show GitHub Exploit DB Packet Storm
270672 - irc_services irc_services Unspecified vulnerability in IRC Services 5.1.8 has unknown impact and attack vectors. NVD-CWE-noinfo
CVE-2007-6123 2011-03-8 12:01 2007-11-27 Show GitHub Exploit DB Packet Storm
270673 - gnu gnump3d gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions. CWE-287
Improper Authentication 		CVE-2007-6130 2011-03-8 12:01 2007-11-27 Show GitHub Exploit DB Packet Storm
270674 - redhat fedora_core buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2) scan.jpg temporary files. CWE-16
Configuration 		CVE-2007-6131 2011-03-8 12:01 2007-11-27 Show GitHub Exploit DB Packet Storm
270675 - xunlei web_thunder Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-5064 2011-03-8 12:00 2007-09-25 Show GitHub Exploit DB Packet Storm
270676 - kaspersky_lab kaspersky_anti-virus
kaspersky_internet_security 		Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descriptor Table (SSDT) and Shadow SSDT function handlers, which allows lo… CWE-20
 Improper Input Validation  		CVE-2007-5086 2011-03-8 12:00 2007-09-26 Show GitHub Exploit DB Packet Storm
270677 - phpbb phpbb_plus Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, and 1.53a before 20070922, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in t… CWE-94
Code Injection 		CVE-2007-5100 2011-03-8 12:00 2007-09-27 Show GitHub Exploit DB Packet Storm
270678 - dragonfrugal dfd_cart Cross-site scripting (XSS) vulnerability in DFD Cart 1.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2007-5136 2011-03-8 12:00 2007-09-29 Show GitHub Exploit DB Packet Storm
270679 - xoops xoops Unspecified vulnerability in the XOOPS uploader class in Xoops 2.0.17.1-RC1 and earlier allows remote attackers to upload arbitrary files via unspecified vectors related to improper upload configurat… NVD-CWE-noinfo
CVE-2007-5188 2011-03-8 12:00 2007-10-3 Show GitHub Exploit DB Packet Storm
270680 - nagios plugins Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location heade… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2007-5198 2011-03-8 12:00 2007-10-5 Show GitHub Exploit DB Packet Storm