Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194351	5.3	警告 Network	Moodle	-	Moodle におけるフォーラムの属性が不正にサニタイズされる脆弱性	CWE-20 不適切な入力確認	CVE-2017-2576	2017-01-31 14:29	2017-01-17	Show	GitHub Exploit DB Packet Storm

194352	5.3	警告 Network	Moodle	-	Moodle におけるコースのノートを閲覧される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-8644	2017-01-31 14:28	2016-11-21	Show	GitHub Exploit DB Packet Storm

194353	4.3	警告 Network	Moodle	-	Moodle における管理者情報を編集される脆弱性	CWE-284 不適切なアクセス制御	CVE-2016-8643	2017-01-31 14:28	2016-11-21	Show	GitHub Exploit DB Packet Storm

194354	5.3	警告 Network	Moodle	-	Moodle の question エンジンにおけるファイルにアクセスされる脆弱性	CWE-284 不適切なアクセス制御	CVE-2016-8642	2017-01-31 14:28	2016-11-21	Show	GitHub Exploit DB Packet Storm

194355	7.3	重要 Network	Moodle	-	Moodle のウェブサービストークンにおける脆弱性	CWE-640 パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み	CVE-2016-7038	2017-01-31 14:27	2016-09-12	Show	GitHub Exploit DB Packet Storm

194356	5.4	警告 Network	Moodle	-	Moodle の event monitor における未登録のユーザに通知が送信される脆弱性	CWE-200 情報漏えい	CVE-2016-5014	2017-01-31 14:27	2016-07-19	Show	GitHub Exploit DB Packet Storm

194357	5.4	警告 Network	Moodle	-	Moodle における電子メールのヘッダにテキストを挿入される脆弱性	CWE-74 インジェクション	CVE-2016-5013	2017-01-31 14:27	2016-07-19	Show	GitHub Exploit DB Packet Storm

194358	5.3	警告 Network	Moodle	-	Moodle の用語集の検索におけるエントリを表示される脆弱性	CWE-200 情報漏えい	CVE-2016-5012	2017-01-31 14:27	2016-07-19	Show	GitHub Exploit DB Packet Storm

194359	7.5	重要 Network	HexChat	-	HexChat の common/inbound.c の inbound_cap_ls 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-2233	2017-01-31 14:18	2016-02-7	Show	GitHub Exploit DB Packet Storm

194360	7.4	重要 Network	HexChat	-	HexChat のクライアントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-2087	2017-01-31 14:18	2016-01-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293101	-	celina_jorge	facil_cms	Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) change_lang parameter to index.php or (2) modload paramete…	CWE-22 Path Traversal	CVE-2008-7176	2017-09-29 10:33	2009-09-8	Show	GitHub Exploit DB Packet Storm

293102	-	xoops	uploader	Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a downloadfile action to index.php.	CWE-22 Path Traversal	CVE-2008-7178	2017-09-29 10:33	2009-09-8	Show	GitHub Exploit DB Packet Storm

293103	-	otmanager	otmanager_cms	OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN_Hora, ADMIN_Logado, and ADMIN_Nome cookies to certain values, as reachable in…	CWE-287 Improper Authentication	CVE-2008-7179	2017-09-29 10:33	2009-09-8	Show	GitHub Exploit DB Packet Storm

293104	-	rittwick_banerjee	telephone_directory_2008	del_query1.php in Telephone Directory 2008 allows remote attackers to delete arbitrary contacts via a direct request with a modified id variable.	CWE-20 Improper Input Validation	CVE-2008-7180	2017-09-29 10:33	2009-09-8	Show	GitHub Exploit DB Packet Storm

293105	-	butterflymedia	butterfly_organizer	Butterfly Organizer 2.0.0 allows remote attackers to (1) delete arbitrary categories via a modified tablehere parameter to category-delete.php with the is_js_confirmed parameter set to 1, or (2) dele…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2008-7181	2017-09-29 10:33	2009-09-8	Show	GitHub Exploit DB Packet Storm

293106	-	netwin	surgemail	Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service (crash) and possibly execute arb…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2008-7182	2017-09-29 10:33	2009-09-8	Show	GitHub Exploit DB Packet Storm

293107	-	clip-share	clipshare	ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php.…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2008-7188	2017-09-29 10:33	2009-09-10	Show	GitHub Exploit DB Packet Storm

293108	-	ming_han	ajchat	directory.php in AJchat 0.10 allows remote attackers to bypass input validation and conduct SQL injection attacks via a numeric parameter with a value matching the s parameter's hash value, which pre…	CWE-89 SQL Injection	CVE-2008-7210	2017-09-29 10:33	2009-09-12	Show	GitHub Exploit DB Packet Storm

293109	-	elinks	elinks	Buffer overflow in entity_cache in ELinks before 0.11.4rc0 allows remote attackers to cause a denial of service (crash) via a crafted link.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2008-7224	2017-09-29 10:33	2009-09-14	Show	GitHub Exploit DB Packet Storm

293110	-	linuxwebshop	php_user_base	Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template par…	CWE-94 CWE-22 Code Injection Path Traversal	CVE-2008-7240	2017-09-29 10:33	2009-09-18	Show	GitHub Exploit DB Packet Storm