Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248861	7.5	危険	extrovert software	-	Thyme Calendar の event_view.php における SQL インジェクションの脆弱性	-	CVE-2007-2621	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248862	5.1	警告	drake team	-	Drake CMS の index.php における CRLF インジェクションの脆弱性	-	CVE-2007-2618	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248863	7.5	危険	crie sue	-	Crie seu PHPLojaFacil における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2615	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248864	6.8	警告	cgx	-	CGX における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2611	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248865	7.5	危険	gnuedu	-	gnuedu における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2609	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248866	7.8	危険	Firebird Project	-	Firebird におけるバッファオーバーフローの脆弱性	-	CVE-2007-2606	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248867	7.1	危険	brujula toolbar	-	Brujula Toolbar の BRUJULA4.NET.DLL におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2605	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248868	7.8	危険	brew city software	-	FlexLabel ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2604	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248869	7.8	危険	audio cd tools	-	Audio CD Ripper OCX ActiveX コントロールの Init 関数におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2603	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

248870	9.3	危険	divx city	-	fix.dll の GDivX Zenith Player AviFixer クラスの ActiveX コントロールにおけるバッファオーバーフローの脆弱性	-	CVE-2007-2601	2012-06-26 15:46	2007-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196601	7.1	HIGH Local	videolan	vlc_media_player	A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.	CWE-125 Out-of-bounds Read	CVE-2021-25801	2024-11-21 14:55	2021-07-27	Show	GitHub Exploit DB Packet Storm

196602	5.3	MEDIUM Network	ucms_project	ucms	UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php.	CWE-209 Information Exposure Through an Error Message	CVE-2021-25809	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196603	7.8	HIGH Local	bludit	bludit	A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.	CWE-94 Code Injection	CVE-2021-25808	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196604	5.4	MEDIUM Network	online_doctor_appointment_system_php_full_source_code_project	online_doctor_appointment_system_php_full_source_code	Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allows authenticated attackers to execute arbitrary web scripts or HT…	CWE-79 Cross-site Scripting	CVE-2021-25791	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196605	5.4	MEDIUM Network	house_rental_and_property_listing_php_project	house_rental_and_property_listing_php	Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML vi…	CWE-79 Cross-site Scripting	CVE-2021-25790	2024-11-21 14:55	2021-07-24	Show	GitHub Exploit DB Packet Storm

196606	6.1	MEDIUM Network	fantastic_blog_project	fantastic_blog	Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php.	CWE-79 Cross-site Scripting	CVE-2021-26224	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196607	9.8	CRITICAL Network	casap_automated_enrollment_system_project	casap_automated_enrollment_system	SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php.	CWE-89 SQL Injection	CVE-2021-26223	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196608	9.8	CRITICAL Network	casap_automated_enrollment_system_project	casap_automated_enrollment_system	SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_user.php.	CWE-89 SQL Injection	CVE-2021-26226	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196609	9.8	CRITICAL Network	simple_college_website_project	simple_college_website	SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php.	CWE-89 SQL Injection	CVE-2021-26232	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm

196610	9.8	CRITICAL Network	fantastic_blog_cms_project	fantastic_blog_cms	SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php.	CWE-89 SQL Injection	CVE-2021-26231	2024-11-21 14:55	2021-07-23	Show	GitHub Exploit DB Packet Storm