Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226611 7.5 危険 Secure Ideas - BASE の base_local_rules.php における任意のフォーカルファイルをインクルードされる脆弱性 CWE-noinfo
情報不足 		CVE-2009-4592 2012-12-20 19:28 2009-10-4 Show GitHub Exploit DB Packet Storm
226612 7.5 危険 Secure Ideas - BASE における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4591 2012-12-20 19:28 2009-10-4 Show GitHub Exploit DB Packet Storm
226613 4.3 警告 Secure Ideas - BASE の base_local_rules.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4590 2012-12-20 19:28 2009-10-4 Show GitHub Exploit DB Packet Storm
226614 5 警告 unleashedmind - Drupal 用の Image Assist モジュールにおける任意のノードタイトルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4558 2012-12-20 19:28 2009-07-15 Show GitHub Exploit DB Packet Storm
226615 2.1 注意 unleashedmind - Drupal 用の Image Assist モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4557 2012-12-20 19:28 2009-07-15 Show GitHub Exploit DB Packet Storm
226616 4.3 警告 viart - ViArt Helpdesk におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4548 2012-12-20 19:28 2010-01-4 Show GitHub Exploit DB Packet Storm
226617 4.3 警告 viart - ViArt CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4547 2012-12-20 19:28 2010-01-4 Show GitHub Exploit DB Packet Storm
226618 4.3 警告 SQLiteManager - SQLiteManager の main.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4539 2012-12-20 19:28 2010-01-4 Show GitHub Exploit DB Packet Storm
226619 4 警告 vsecurity - TANDBERG Video Communication Server (VCS) が稼動している Web 管理インターフェースにおけるディレクトリトラバーサルの脆弱性 CWE-200
情報漏えい 		CVE-2009-4511 2012-12-20 19:28 2010-04-9 Show GitHub Exploit DB Packet Storm
226620 8.5 危険 vsecurity - TANDBERG VCS 上で稼動している SSH サービスにおける任意のサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2009-4510 2012-12-20 19:28 2010-04-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351771 - imatix xitami Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix Xitami 2.5b4 and 2.5b5 allows remote attackers to inject arbitrary web script or HTML via the (1) Javascript events, as demonstrated v… NVD-CWE-Other
CVE-2002-1965 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
351772 - my_postcards my_postcards_platinum Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NVD-CWE-Other
CVE-2002-1966 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
351773 - mark_hanson xircon Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause a denial of service (disconnect) via a long (1) ctcp, (2) primsg, (3) msg, or (4) notice command. NVD-CWE-Other
CVE-2002-1967 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
351774 - com21 doxport_1100 Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal ne… NVD-CWE-Other
CVE-2002-1968 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
351775 - the_magic_notebook the_magic_notebook Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login. NVD-CWE-Other
CVE-2002-1969 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
351776 - snortcenter snortcenter SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passw… NVD-CWE-Other
CVE-2002-1970 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
351777 - sourcecraft networking_utils The ping utility in networking_utils.php in Sourcecraft Networking_Utils 1.0 allows remote attackers to read arbitrary files via shell metacharacters in the Domain name or IP address argument. NVD-CWE-Other
CVE-2002-1971 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
351778 - sebastian_dehne pp_powerswitch Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports. NVD-CWE-Other
CVE-2002-1972 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
351779 - sharp zaurus The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require authentication, which allows remote attackers to access the file system as root. NVD-CWE-Other
CVE-2002-1974 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
351780 - qualcomm eudora Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment w… NVD-CWE-Other
CVE-2002-1210 2008-09-6 05:30 2002-11-29 Show GitHub Exploit DB Packet Storm