Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
193991 6.8 警告
Physics 		cryptsetup project - cryptsetup パッケージ用 Debian initrd スクリプトにおけるシェルのアクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2016-4484 2017-02-8 18:15 2016-11-17 Show GitHub Exploit DB Packet Storm
193992 8.8 重要
Network 		GitLab.org - Gitlab の偽装の機能における他のユーザとして "ログイン" される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-4340 2017-02-8 18:15 2016-05-2 Show GitHub Exploit DB Packet Storm
193993 9.8 緊急
Network 		Magento, Inc. - Magento CE および EE における PHP オブジェクトインジェクション攻撃を実行される脆弱性 CWE-74
インジェクション 		CVE-2016-4010 2017-02-8 17:23 2016-05-17 Show GitHub Exploit DB Packet Storm
193994 9.8 緊急
Network 		LibGD project - GD Graphics ライブラリの gdImageWebPtr 関数におけるメモリ二重解放の脆弱性 CWE-415
二重解放 		CVE-2016-6912 2017-02-8 17:03 2016-08-17 Show GitHub Exploit DB Packet Storm
193995 7.8 重要
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen の x86 エミュレータにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9386 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
193996 6 警告
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen の x86 セグメントベースの書き込みのエミュレーション機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9385 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
193997 8.8 重要
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen における任意のメモリを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9383 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
193998 7.8 重要
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9382 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
193999 7.5 重要
Local 		シトリックス・システムズ
Fabrice Bellard		 - Xen の QEMU における権限を取得される脆弱性 CWE-264
CWE-362
CVE-2016-9381 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
194000 8.8 重要
Adjacent 		Ubiquiti Networks - Ubiquiti Networks UniFi におけるデータベースを変更される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-7792 2017-02-8 16:52 2016-09-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293691 - crystal_reality_llc crystalplayer_pro Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote attackers to execute arbitrary code via a long string in a .mls Playlist file. NVD-CWE-Other
CVE-2007-4032 2017-09-29 10:29 2007-07-28 Show GitHub Exploit DB Packet Storm
293692 - joomla pony_gallery SQL injection vulnerability in index.php in the Pony Gallery (com_ponygallery) 1.5 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. NVD-CWE-Other
CVE-2007-4046 2017-09-29 10:29 2007-07-28 Show GitHub Exploit DB Packet Storm
293693 - linpha linpha SQL injection vulnerability in include/img_view.class.php in LinPHA 1.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the order parameter to new_images.php. NVD-CWE-Other
CVE-2007-4053 2017-09-29 10:29 2007-07-31 Show GitHub Exploit DB Packet Storm
293694 - php123 top_sites SQL injection vulnerability in category.php in PHP123 Top Sites allows remote attackers to execute arbitrary SQL commands via the cat parameter. NVD-CWE-Other
CVE-2007-4054 2017-09-29 10:29 2007-07-31 Show GitHub Exploit DB Packet Storm
293695 - 8pixel.net simple_blog SQL injection vulnerability in comments_get.asp in SimpleBlog 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this may be related to CVE-2006-4300. NVD-CWE-Other
CVE-2007-4055 2017-09-29 10:29 2007-07-31 Show GitHub Exploit DB Packet Storm
293696 - adult_directory adult_directory SQL injection vulnerability in directory.php in Prozilla Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. NOTE: the original report… CWE-89
SQL Injection 		CVE-2007-4056 2017-09-29 10:29 2007-07-31 Show GitHub Exploit DB Packet Storm
293697 - neocrome seditio Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and earlier allows remote authenticated users to upload arbitrary PHP code via a filename ending with (1) .php.gif, (2) .php.… NVD-CWE-Other
CVE-2007-4057 2017-09-29 10:29 2007-07-31 Show GitHub Exploit DB Packet Storm
293698 - emc vmware Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the… CWE-22
Path Traversal 		CVE-2007-4058 2017-09-29 10:29 2007-07-31 Show GitHub Exploit DB Packet Storm
293699 - vmware workstation Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathn… NVD-CWE-Other
CVE-2007-4059 2017-09-29 10:29 2007-07-31 Show GitHub Exploit DB Packet Storm
293700 - frank_yaul corehttp Multiple buffer overflows in the HttpSprockMake function in http.c in Frank Yaul corehttp 0.5.3alpha allow remote attackers to execute arbitrary code via a long string in the (1) method name or (2) U… NVD-CWE-Other
CVE-2007-4060 2017-09-29 10:29 2007-07-31 Show GitHub Exploit DB Packet Storm