Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
193191 7.8 重要
Local 		Nitro Software, Inc. - Nitro Pro の PDF 構文解析機能におけるリモートでコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-8711 2017-03-7 16:51 2016-10-13 Show GitHub Exploit DB Packet Storm
193192 7.8 重要
Local 		Nitro Software, Inc. - Nitro Pro の PDF 構文解析機能におけるリモートでの境界外書き込みの脆弱性 CWE-119
バッファエラー 		CVE-2016-8709 2017-03-7 16:51 2016-09-30 Show GitHub Exploit DB Packet Storm
193193 9.8 緊急
Network 		Facebook - Facebook HHVM の wddx の無限再帰における脆弱性 CWE-674
不適切な再帰制御 		CVE-2016-6875 2017-03-7 16:43 2016-08-2 Show GitHub Exploit DB Packet Storm
193194 9.8 緊急
Network 		Facebook - Facebook HHVM の array_*_recursive 関数における脆弱性 CWE-674
不適切な再帰制御 		CVE-2016-6874 2017-03-7 16:43 2016-08-2 Show GitHub Exploit DB Packet Storm
193195 9.8 緊急
Network 		Facebook - Facebook HHVM の圧縮の自己再帰における脆弱性 CWE-674
不適切な再帰制御 		CVE-2016-6873 2017-03-7 16:43 2016-08-2 Show GitHub Exploit DB Packet Storm
193196 9.8 緊急
Network 		Facebook - Facebook HHVM の StringUtil::implode における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2016-6872 2017-03-7 16:43 2016-08-2 Show GitHub Exploit DB Packet Storm
193197 9.8 緊急
Network 		Facebook - Facebook HHVM の bcmath における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2016-6871 2017-03-7 16:43 2016-08-2 Show GitHub Exploit DB Packet Storm
193198 9.8 緊急
Network 		Facebook - Facebook HHVM の複数の関数における境界外書き込みの脆弱性 CWE-787
境界外書き込み 		CVE-2016-6870 2017-03-7 16:43 2016-07-2 Show GitHub Exploit DB Packet Storm
193199 7.5 重要
Network 		WSO2 - WSO2 Identity Server の XACML フロー機能における XML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2016-4312 2017-03-7 16:17 2016-08-12 Show GitHub Exploit DB Packet Storm
193200 8.8 重要
Network 		WSO2 - WSO2 Identity Server の XACML フロー機能におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2016-4311 2017-03-7 16:17 2016-08-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293761 - icash click\&email Cross-site scripting (XSS) vulnerability in admin_dblayers.asp in ClickAndEmail allows remote attackers to inject arbitrary web script or HTML via the tablename parameter in an update action. CWE-79
Cross-site Scripting 		CVE-2008-5893 2017-09-29 10:32 2009-01-13 Show GitHub Exploit DB Packet Storm
293762 - mediatheka mediatheka Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. CWE-22
Path Traversal 		CVE-2008-5894 2017-09-29 10:32 2009-01-13 Show GitHub Exploit DB Packet Storm
293763 - mediatheka mediatheka SQL injection vulnerability in connection.php in Mediatheka 4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. CWE-89
SQL Injection 		CVE-2008-5895 2017-09-29 10:32 2009-01-13 Show GitHub Exploit DB Packet Storm
293764 - codeavalanche ratemysite CodeAvalanche RateMySite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator pas… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5896 2017-09-29 10:32 2009-01-13 Show GitHub Exploit DB Packet Storm
293765 - codeavalanche freewallpaper CodeAvalanche FreeWallpaper stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5897 2017-09-29 10:32 2009-01-13 Show GitHub Exploit DB Packet Storm
293766 - codeavalanche directory CodeAvalanche Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator pass… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5898 2017-09-29 10:32 2009-01-13 Show GitHub Exploit DB Packet Storm
293767 - codeavalanche freeforall CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator pas… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5899 2017-09-29 10:32 2009-01-13 Show GitHub Exploit DB Packet Storm
293768 - codeavalanche articles CodeAvalanche Articles stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator passw… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5900 2017-09-29 10:32 2009-01-13 Show GitHub Exploit DB Packet Storm
293769 - iyziforum iyzi_forum iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5901 2017-09-29 10:32 2009-01-13 Show GitHub Exploit DB Packet Storm
293770 - mozilla firefox
seamonkey 		The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only… NVD-CWE-Other
CVE-2008-5913 2017-09-29 10:32 2009-01-21 Show GitHub Exploit DB Packet Storm