Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194941 5.3 警告
Network 		Digium - Asterisk Open Source および Certified Asterisk の chan_sip チャネルドライバにおけるプロキシの認証なしに Asterisk に INVITE リクエストを許可される脆弱性 CWE-285
不適切な認可 		CVE-2016-9938 2017-01-6 11:48 2016-12-8 Show GitHub Exploit DB Packet Storm
194942 7.1 重要
Local 		Image-Info project - Image::Info におけるサービス運用妨害 (DoS) の脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2016-9181 2017-01-6 11:18 2016-09-27 Show GitHub Exploit DB Packet Storm
194943 9.8 緊急
Network 		Bundler - Bundler における任意の Ruby コードをアプリケーションに挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2016-7954 2017-01-6 11:03 2016-10-5 Show GitHub Exploit DB Packet Storm
194944 7.5 重要
Network 		Digium - Asterisk Open Source におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-9937 2017-01-6 09:40 2016-11-11 Show GitHub Exploit DB Packet Storm
194945 6.1 警告
Network 		Tiki Software Community Association - Tiki Wiki CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9889 2017-01-5 18:40 2016-12-22 Show GitHub Exploit DB Packet Storm
194946 8.1 重要
Network 		シーメンス - SIEMENS SIMATIC WinCC および SIEMENS SIMATIC PCS 7 における ActiveX コンポーネントをクラッシュさせられる脆弱性 CWE-254
セキュリティ機能 		CVE-2016-9160 2017-01-5 18:24 2016-12-9 Show GitHub Exploit DB Packet Storm
194947 5.9 警告
Network 		シーメンス - SIEMENS SIMATIC S7-300 PN CPU および SIMATIC S7-400 PN CPU における PLC から資格情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-9159 2017-01-5 18:24 2016-12-9 Show GitHub Exploit DB Packet Storm
194948 7.5 重要
Network 		シーメンス - SIEMENS SIMATIC S7-300 PN CPU および SIMATIC S7-400 PN CPU におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9158 2017-01-5 18:24 2016-12-9 Show GitHub Exploit DB Packet Storm
194949 7.5 重要
Network 		シーメンス - Siemens Desigo PX オートメーションコントローラ用 Desigo PX Web モジュールにおける対応する秘密鍵を再構成される脆弱性 CWE-332
PRNG における不十分なエントロピー 		CVE-2016-9154 2017-01-5 18:24 2016-12-16 Show GitHub Exploit DB Packet Storm
194950 7 重要
Local 		Percona
MariaDB Corporation Ab.
オラクル		 - Oracle MySQL およびその他のデータベースにおける権限を取得される脆弱性 CWE-362
競合状態 		CVE-2016-6663 2017-01-5 18:20 2016-09-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294381 - yourfreeworld ad_board_script SQL injection vulnerability in trr.php in YourFreeWorld Ad Board Script allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-3725 2017-09-29 10:31 2008-08-21 Show GitHub Exploit DB Packet Storm
294382 - microworld_technologies mailscan Directory traversal vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. CWE-22
Path Traversal 		CVE-2008-3727 2017-09-29 10:31 2008-08-21 Show GitHub Exploit DB Packet Storm
294383 - videolan vlc_media_player Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via… CWE-189
Numeric Errors 		CVE-2008-3732 2017-09-29 10:31 2008-08-21 Show GitHub Exploit DB Packet Storm
294384 - eo-video eo-video Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a Projec… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-3733 2017-09-29 10:31 2008-08-21 Show GitHub Exploit DB Packet Storm
294385 - ipswitch ws_ftp_home
ws_ftp_pro 		Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitr… CWE-134
Use of Externally-Controlled Format String 		CVE-2008-3734 2017-09-29 10:31 2008-08-21 Show GitHub Exploit DB Packet Storm
294386 - lbstone active_php_bookmarks
apb 		SQL injection vulnerability in view_group.php in Active PHP Bookmarks (APB) 1.1.02 and 1.2.06 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-3748 2017-09-29 10:31 2008-08-22 Show GitHub Exploit DB Packet Storm
294387 - yourfreeworld banner_management_script SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-3749 2017-09-29 10:31 2008-08-22 Show GitHub Exploit DB Packet Storm
294388 - yourfreeworld url_rotator_script SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-3750 2017-09-29 10:31 2008-08-22 Show GitHub Exploit DB Packet Storm
294389 - yourfreeworld short_url_and_url_tracker_script SQL injection vulnerability in tr.php in YourFreeWorld Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-3751 2017-09-29 10:31 2008-08-22 Show GitHub Exploit DB Packet Storm
294390 - yourfreeworld classifieds SQL injection vulnerability in view.php in YourFreeWorld Classifieds Script allows remote attackers to execute arbitrary SQL commands via the category parameter. CWE-89
SQL Injection 		CVE-2008-3755 2017-09-29 10:31 2008-08-22 Show GitHub Exploit DB Packet Storm