Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227551	7.5	危険	Trivantis Corporation Inc.	-	Trivantis CourseMill Enterprise Learning Management System の userlogin.jsp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6338	2012-12-20 18:34	2007-12-14	Show	GitHub Exploit DB Packet Storm

227552	5	警告	sergey lyubka	-	Windows 上で稼動する Sergey Lyubka Simple HTTPD におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2007-6326	2012-12-20 18:34	2007-12-13	Show	GitHub Exploit DB Packet Storm

227553	5	警告	xml2owl	-	xml2owl の filedownload.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-6322	2012-12-20 18:34	2007-12-13	Show	GitHub Exploit DB Packet Storm

227554	4.3	警告	Roundcube.net	-	RoundCube webmail におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6321	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

227555	6.8	警告	WordPress.org	-	WordPress の wp-includes/query.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6318	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

227556	5.5	警告	Real Time Logic	-	BarracudaDrive Web Server におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-6317	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

227557	4.3	警告	Real Time Logic	-	BarracudaDrive Web Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6316	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

227558	4	警告	Real Time Logic	-	Group Chat の BarracudaDrive Web Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2007-6315	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

227559	5	警告	Real Time Logic	-	BarracudaDrive Web Server における Web スクリプトに対するソースコードを読まれる脆弱性	CWE-20 不適切な入力確認	CVE-2007-6314	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

227560	4.3	警告	ウェブセンス	-	Websense Enterprise および Web Security Suite の Web Reporting Tools portal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6312	2012-12-20 18:34	2007-12-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313211	-		yabbforumsoftware	yet_another_bulletin_board	YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it easier for remote attackers to identify valid users and conduct a brute force password guessing attack.	CWE-203 Information Exposure Through Discrepancy	CVE-2004-0294	2024-02-14 23:32	2004-11-23	Show	GitHub Exploit DB Packet Storm

313212	-		ibm	aix	AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.	CWE-203 Information Exposure Through Discrepancy	CVE-2004-0243	2024-02-14 23:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

313213	5.5	MEDIUM Local	-	-	Rejected reason: Do not use this CVE as it is duplicate of CVE-2023-6932	-	CVE-2024-0584	2024-02-14 15:15	2024-01-16	Show	GitHub Exploit DB Packet Storm

313214	7.8	HIGH Local	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2023-42915	2024-02-14 12:15	2024-01-23	Show	GitHub Exploit DB Packet Storm

313215	-		jvehicles	com_jvehicles	SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlist…	CWE-89 SQL Injection	CVE-2010-1873	2024-02-14 10:17	2010-05-12	Show	GitHub Exploit DB Packet Storm

313216	-		vmware	player ace workstation server	VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 bef…	CWE-134 Use of Externally-Controlled Format String	CVE-2009-4811	2024-02-14 10:17	2010-04-28	Show	GitHub Exploit DB Packet Storm

313217	-		hp	operations_manager	Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argu…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-1033	2024-02-14 10:17	2010-04-21	Show	GitHub Exploit DB Packet Storm

313218	-		tukeva	password_reminder	TUKEVA Password Reminder before 1.0.0.4 uses a hard-coded password for rem.accdb, which allows local users to discover credentials via a DBI connection.	CWE-255 Credentials Management	CVE-2009-4781	2024-02-14 10:17	2010-04-21	Show	GitHub Exploit DB Packet Storm

313219	-		microsoft	windows_xp windows_vista	The ANI parser in Microsoft Windows before 7 on the x86 platform, as used in Internet Explorer and other applications, allows remote attackers to cause a denial of service (memory and CPU consumption…	CWE-399 Resource Management Errors	CVE-2010-1098	2024-02-14 10:17	2010-03-25	Show	GitHub Exploit DB Packet Storm

313220	-		kiss-software	com_ksadvertiser	SQL injection vulnerability in the Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid para…	CWE-89 SQL Injection	CVE-2010-0946	2024-02-14 10:17	2010-03-9	Show	GitHub Exploit DB Packet Storm