Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194931 9.8 緊急
Network 		シスコシステムズ - Cisco CloudCenter Orchestrator の Docker Engine における高い権限を持つ Docker コンテナをインストールされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9223 2017-01-6 17:46 2016-12-21 Show GitHub Exploit DB Packet Storm
194932 8.8 重要
Network 		シスコシステムズ - Cisco Intercloud Fabric for Business および for Providers における本製品が使用するデータベースへ接続される脆弱性 CWE-285
不適切な認可 		CVE-2016-9217 2017-01-6 17:46 2016-12-21 Show GitHub Exploit DB Packet Storm
194933 6.1 警告
Network 		OWASP AntiSamy Project - OWASP AntiSamy におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-10006 2017-01-6 17:02 2016-12-19 Show GitHub Exploit DB Packet Storm
194934 5.4 警告
Network 		s9y - Serendipity におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9681 2017-01-6 16:56 2016-11-28 Show GitHub Exploit DB Packet Storm
194935 7.3 重要
Network 		MODX - MODX Revolution の /connectors/index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2016-10039 2017-01-6 16:49 2016-11-14 Show GitHub Exploit DB Packet Storm
194936 7.3 重要
Network 		MODX - MODX Revolution の /connectors/index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2016-10038 2017-01-6 16:49 2016-11-14 Show GitHub Exploit DB Packet Storm
194937 7.3 重要
Network 		MODX - MODX Revolution の /connectors/index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2016-10037 2017-01-6 16:49 2016-11-14 Show GitHub Exploit DB Packet Storm
194938 4.4 警告
Local 		レッドハット - Red Hat Enterprise Linux などの Linux 実装の sudo のデフォルト設定における情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2016-7091 2017-01-6 14:21 2016-11-3 Show GitHub Exploit DB Packet Storm
194939 9.1 緊急
Network 		Michel Rodriguez - XML::Twig における外部エンティティを拡張される脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2016-9180 2017-01-6 13:32 2016-09-26 Show GitHub Exploit DB Packet Storm
194940 7.8 重要
Local 		OpenJPEG project - OpenJPEG におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-9675 2017-01-6 12:36 2016-10-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294361 - masir_camp e-shop_module SQL injection vulnerability in index.php in Masir Camp E-Shop Module 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ordercode parameter in a veiworderstatus page. CWE-89
SQL Injection 		CVE-2008-3955 2017-09-29 10:31 2008-09-11 Show GitHub Exploit DB Packet Storm
294362 - ibm aix swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this fi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-4018 2017-09-29 10:31 2008-09-11 Show GitHub Exploit DB Packet Storm
294363 - spice_classifieds spice_classifieds SQL injection vulnerability in index.php in Spice Classifieds allows remote attackers to execute arbitrary SQL commands via the cat_path parameter. CWE-89
SQL Injection 		CVE-2008-4039 2017-09-29 10:31 2008-09-12 Show GitHub Exploit DB Packet Storm
294364 - aj_square aj_hyip Multiple SQL injection vulnerabilities in AJ Square AJ HYIP Acme allow remote attackers to execute arbitrary SQL commands via the artid parameter to (1) acme/article/comment.php and (2) prime/article… CWE-89
SQL Injection 		CVE-2008-4043 2017-09-29 10:31 2008-09-12 Show GitHub Exploit DB Packet Storm
294365 - aj_square aj_hyip SQL injection vulnerability in article/readarticle.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the artid parameter. CWE-89
SQL Injection 		CVE-2008-4044 2017-09-29 10:31 2008-09-12 Show GitHub Exploit DB Packet Storm
294366 - friendly_technologies friendly_pppoe_client Heap-based buffer overflow in a certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to execute arbitrary code via a long … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-4048 2017-09-29 10:31 2008-09-12 Show GitHub Exploit DB Packet Storm
294367 - friendly_technologies friendly_pppoe_client A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to execute arbitrary programs via arguments to the RunApp method. CWE-20
 Improper Input Validation  		CVE-2008-4049 2017-09-29 10:31 2008-09-12 Show GitHub Exploit DB Packet Storm
294368 - friendly_technologies friendly_pppoe_client A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to (1) create and read arbitrary registry values via the RegistryVa… CWE-20
 Improper Input Validation  		CVE-2008-4050 2017-09-29 10:31 2008-09-12 Show GitHub Exploit DB Packet Storm
294369 - kolifa download_script SQL injection vulnerability in indir.php in Kolifa.net Download Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-4054 2017-09-29 10:31 2008-09-12 Show GitHub Exploit DB Packet Storm
294370 - mozilla firefox The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT ele… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-4059 2017-09-29 10:31 2008-09-25 Show GitHub Exploit DB Packet Storm