Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
193111	9.8	緊急 Network	libxpm project	-	libXpm における整数オーバーフローの脆弱性	CWE-119 CWE-190 CWE-787	CVE-2016-10164	2017-03-9 11:29	2016-12-12	Show	GitHub Exploit DB Packet Storm

193112	5.9	警告 Network	ChatSecure Zom	-	ChatSecure および Zom の複数の XMPP クライアントの "XEP-0280: Message Carbons" の実装における連絡先を含むユーザになりすまされる脆弱性	CWE-20 CWE-346	CVE-2017-5590	2017-03-8 19:10	2017-01-24	Show	GitHub Exploit DB Packet Storm

193113	6.1	警告 Network	Visonic	-	Visonic PowerLink2 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-5811	2017-03-8 19:06	2016-12-13	Show	GitHub Exploit DB Packet Storm

193114	9.8	緊急 Network	OmniMetrix, LLC	-	OmniMetrix OmniView Web アプリケーションにおけるアクセス権を取得される脆弱性	CWE-284 不適切なアクセス制御	CVE-2016-5801	2017-03-8 19:02	2016-12-15	Show	GitHub Exploit DB Packet Storm

193115	7.5	重要 Network	OmniMetrix, LLC	-	OmniMetrix OmniView Web アプリケーションにおけるアカウント認証情報が漏えいする脆弱性	CWE-200 情報漏えい	CVE-2016-5786	2017-03-8 19:02	2016-12-15	Show	GitHub Exploit DB Packet Storm

193116	9.8	緊急 Network	Lynxspring	-	Lynxspring JENEsys BAS Bridge におけるアプリケーションのデータベースにおいて認証情報の保護に十分なセーフガードが欠落している脆弱性	CWE-255 証明書・パスワード管理	CVE-2016-8378	2017-03-8 18:51	2016-11-15	Show	GitHub Exploit DB Packet Storm

193117	8.8	重要 Network	Lynxspring	-	Lynxspring JENEsys BAS Bridge におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2016-8369	2017-03-8 18:51	2016-11-15	Show	GitHub Exploit DB Packet Storm

193118	8.6	重要 Network	Lynxspring	-	Lynxspring JENEsys BAS Bridge における認証なしでシステム内に侵入される脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2016-8361	2017-03-8 18:51	2016-11-15	Show	GitHub Exploit DB Packet Storm

193119	7.1	重要 Network	Lynxspring	-	Lynxspring JENEsys BAS Bridge における読み取り専用アクセスでアプリケーション内にて任意の変更を許可される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-8357	2017-03-8 18:51	2016-11-15	Show	GitHub Exploit DB Packet Storm

193120	6.1	警告 Network	Moxa Inc.	-	複数の Moxa NPort 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-9371	2017-03-8 18:37	2016-12-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
294051	-	jamroom	jamroom	PHP remote file inclusion vulnerability in include/plugins/jrBrowser/payment.php in Jamroom 3.3.0 through 3.3.5 allows remote attackers to execute arbitrary PHP code via a URL in the jamroom[jm_dir] …	CWE-94 Code Injection	CVE-2008-2883	2017-09-29 10:31	2008-06-27	Show	GitHub Exploit DB Packet Storm

294052	-	odars	odars	PHP remote file inclusion vulnerability in src/browser/resource/categories/resource_categories_view.php in Open Digital Assets Repository System (ODARS) 1.0.2, when register_globals is enabled, allow…	CWE-94 Code Injection	CVE-2008-2885	2017-09-29 10:31	2008-06-28	Show	GitHub Exploit DB Packet Storm

294053	-	jamroom	jamroom	PHP remote file inclusion vulnerability in include/plugins/jrBrowser/purchase.php in Jamroom 3.3.0 through 3.3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP co…	CWE-94 Code Injection	CVE-2008-2886	2017-09-29 10:31	2008-06-28	Show	GitHub Exploit DB Packet Storm

294054	-	migcms	migcms	Multiple PHP remote file inclusion vulnerabilities in MiGCMS 2.0.5, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[application][app_ro…	CWE-94 Code Injection	CVE-2008-2888	2017-09-29 10:31	2008-06-28	Show	GitHub Exploit DB Packet Storm

294055	-	emusoft	emucms	SQL injection vulnerability in index.php in eMuSOFT emuCMS 0.3 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a category action.	CWE-89 SQL Injection	CVE-2008-2891	2017-09-29 10:31	2008-06-28	Show	GitHub Exploit DB Packet Storm

294056	-	feellove joomla	exp_shop_component com_expshop	SQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index…	CWE-89 SQL Injection	CVE-2008-2892	2017-09-29 10:31	2008-06-28	Show	GitHub Exploit DB Packet Storm

294057	-	ajhyip	aj_square_aj-hyip	SQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-2532.	CWE-89 SQL Injection	CVE-2008-2893	2017-09-29 10:31	2008-06-28	Show	GitHub Exploit DB Packet Storm

294058	-	getfireant	fireant	Directory traversal vulnerability in index.php in FireAnt 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.	CWE-22 Path Traversal	CVE-2008-2896	2017-09-29 10:31	2008-06-28	Show	GitHub Exploit DB Packet Storm

294059	-	pagesquid	pagesquid_cms	SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote attackers to execute arbitrary SQL commands via the page parameter.	CWE-89 SQL Injection	CVE-2008-2897	2017-09-29 10:31	2008-06-28	Show	GitHub Exploit DB Packet Storm

294060	-	hedgehog-cms	hedgehog-cms	Directory traversal vulnerability in includes/header.php in Hedgehog-CMS 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the c_temp_path parameter. NOT…	CWE-22 Path Traversal	CVE-2008-2898	2017-09-29 10:31	2008-06-28	Show	GitHub Exploit DB Packet Storm