Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228221	6.8	警告	ruben boelinger	-	WordPress 用の wordTube プラグインの wordtube-button.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2481	2012-12-20 18:19	2007-05-3	Show	GitHub Exploit DB Packet Storm

228222	7.5	危険	turnkey web tools	-	Turnkey Web Tools SunShop Shopping Cart における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2474	2012-12-20 18:19	2007-05-2	Show	GitHub Exploit DB Packet Storm

228223	4.3	警告	sendcard	-	Sendcard の sendcard.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2472	2012-12-20 18:19	2007-05-2	Show	GitHub Exploit DB Packet Storm

228224	5	警告	sendcard	-	Sendcard の sendcard.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2471	2012-12-20 18:19	2007-05-2	Show	GitHub Exploit DB Packet Storm

228225	4.9	警告	zonelabs	-	ZoneAlarm におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2467	2012-12-20 18:19	2007-05-2	Show	GitHub Exploit DB Packet Storm

228226	7.8	危険	サン・マイクロシステムズ	-	Sun Java System Directory Server および Sun ONE Directory Server で使用されている C 用の LDAP SDK におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2466	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

228227	7.8	危険	tony cook	-	Imager perl モジュールの BMP リーダにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-2459	2012-12-20 18:19	2007-05-2	Show	GitHub Exploit DB Packet Storm

228228	7.5	危険	pixaria	-	Pixaria Gallery における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2458	2012-12-20 18:19	2007-04-15	Show	GitHub Exploit DB Packet Storm

228229	7.5	危険	pixaria	-	Pixaria Gallery の resources/includes/class.Smarty.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2457	2012-12-20 18:19	2007-04-15	Show	GitHub Exploit DB Packet Storm

228230	2.1	注意	CollabNet, Inc.	-	Subversion における重要な情報 (プロパティの改定) を取得される脆弱性	-	CVE-2007-2448	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313241	-	phppgadmin	phppgadmin	Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script.	NVD-CWE-Other	CVE-2001-0479	2024-02-14 10:17	2001-06-27	Show	GitHub Exploit DB Packet Storm

313242	-	pccs-linux	mysqldatabase_admin_tool	PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative p…	NVD-CWE-Other	CVE-2000-0707	2024-02-14 10:17	2000-10-20	Show	GitHub Exploit DB Packet Storm

313243	-	inter7	vpopmail_vchkpw	vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or P…	NVD-CWE-Other	CVE-2000-0583	2024-02-14 10:17	2000-06-30	Show	GitHub Exploit DB Packet Storm

313244	-	matt_wright	formmail	Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter.	NVD-CWE-Other	CVE-2000-0411	2024-02-14 10:17	2000-05-10	Show	GitHub Exploit DB Packet Storm

313245	-	gossamer_threads	dbman	The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter.	NVD-CWE-Other	CVE-2000-0381	2024-02-14 10:17	2000-05-5	Show	GitHub Exploit DB Packet Storm

313246	-	bray_systems	linux_trustees	The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name.	NVD-CWE-Other	CVE-2000-0274	2024-02-14 10:17	2000-04-10	Show	GitHub Exploit DB Packet Storm

313247	-	vqsoft	vqserver	vqSoft vqServer program allows remote attackers to read arbitrary files via a /........../ in the URL, a variation of a .. (dot dot) attack.	NVD-CWE-Other	CVE-2000-0240	2024-02-14 10:17	2000-03-21	Show	GitHub Exploit DB Packet Storm

313248	-	infopop	ultimate_bulletin_board	Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field.	NVD-CWE-Other	CVE-2000-0141	2024-02-14 10:17	2000-02-11	Show	GitHub Exploit DB Packet Storm

313249	-	infopop	ultimate_bulletin_board	Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file.	NVD-CWE-Other	CVE-1999-0854	2024-02-14 10:17	1999-11-1	Show	GitHub Exploit DB Packet Storm

313250	-	ethereal_group	ethereal	Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file.	NVD-CWE-Other	CVE-1999-1227	2024-02-14 10:17	1999-07-30	Show	GitHub Exploit DB Packet Storm