Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248851	7.5	危険	free-sa	-	Free-SA における任意のコードを実行される脆弱性	-	CVE-2007-2652	2012-06-26 15:46	2007-05-14	Show	GitHub Exploit DB Packet Storm

248852	5	警告	ClamAV	-	ClamAV の OLE2 パーサにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2650	2012-06-26 15:46	2007-05-14	Show	GitHub Exploit DB Packet Storm

248853	9.3	危険	clever components	-	comparerax.ocx におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-2648	2012-06-26 15:46	2007-05-14	Show	GitHub Exploit DB Packet Storm

248854	10	危険	efilecabinet	-	eFileCabinet におけるインターフェースの制限部分へアクセスされる脆弱性	-	CVE-2007-2638	2012-06-26 15:46	2007-05-13	Show	GitHub Exploit DB Packet Storm

248855	6.8	警告	agner fog	-	aForum の common/errormsg.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2634	2012-06-26 15:46	2007-05-13	Show	GitHub Exploit DB Packet Storm

248856	6.5	警告	activecampaign	-	FCKeditor モジュールの filemanager/browser/default/connectors/php/config.php における .php4 および .php5 をアップロードされる脆弱性	-	CVE-2007-2630	2012-06-26 15:46	2007-05-2	Show	GitHub Exploit DB Packet Storm

248857	7.8	危険	Bradford Networks	-	Bradford CampusManager Network Control Application Server における重要な情報を取得される脆弱性	-	CVE-2007-2629	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248858	6.8	警告	aiocp	-	AIOCP の shared/code/cp_authorization.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2625	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248859	6.8	警告	aiocp	-	AIOCP の shared/config/cp_config.php におけるクロスサイトスクリプティング攻撃を誘発する脆弱性	-	CVE-2007-2624	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248860	7.8	危険	fruit2004	-	Remote Display Dev キットの RControl.dll におけるバッファオーバーフローの脆弱性	-	CVE-2007-2623	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196601	7.1	HIGH Local	videolan	vlc_media_player	A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.	CWE-125 Out-of-bounds Read	CVE-2021-25801	2024-11-21 14:55	2021-07-27	Show	GitHub Exploit DB Packet Storm

196602	5.3	MEDIUM Network	ucms_project	ucms	UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php.	CWE-209 Information Exposure Through an Error Message	CVE-2021-25809	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196603	7.8	HIGH Local	bludit	bludit	A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.	CWE-94 Code Injection	CVE-2021-25808	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196604	5.4	MEDIUM Network	online_doctor_appointment_system_php_full_source_code_project	online_doctor_appointment_system_php_full_source_code	Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allows authenticated attackers to execute arbitrary web scripts or HT…	CWE-79 Cross-site Scripting	CVE-2021-25791	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196605	5.4	MEDIUM Network	house_rental_and_property_listing_php_project	house_rental_and_property_listing_php	Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML vi…	CWE-79 Cross-site Scripting	CVE-2021-25790	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196606	6.1	MEDIUM Network	fantastic_blog_project	fantastic_blog	Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php.	CWE-79 Cross-site Scripting	CVE-2021-26224	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196607	9.8	CRITICAL Network	casap_automated_enrollment_system_project	casap_automated_enrollment_system	SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php.	CWE-89 SQL Injection	CVE-2021-26223	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196608	9.8	CRITICAL Network	casap_automated_enrollment_system_project	casap_automated_enrollment_system	SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_user.php.	CWE-89 SQL Injection	CVE-2021-26226	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196609	9.8	CRITICAL Network	simple_college_website_project	simple_college_website	SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php.	CWE-89 SQL Injection	CVE-2021-26232	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196610	9.8	CRITICAL Network	fantastic_blog_cms_project	fantastic_blog_cms	SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php.	CWE-89 SQL Injection	CVE-2021-26231	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm