Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
195071 9.8 緊急
Network 		X.Org Foundation
Fedora Project		 - X.org libXv の XvQueryAdaptors および XvQueryEncodings 関数におけるメモリの境界外アクセス操作を誘発される脆弱性 CWE-119
CWE-125
CVE-2016-5407 2016-12-26 16:49 2016-10-4 Show GitHub Exploit DB Packet Storm
195072 5.5 警告
Local 		レッドハット - Red Hat Enterprise Virtualization Manager における重要な情報を取得される脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2016-4443 2016-12-26 16:46 2016-09-21 Show GitHub Exploit DB Packet Storm
195073 6.5 警告
Network 		Marcel Hellkamp - bottle の bottle.py の redirect() における CRLF 攻撃を引き起こされる脆弱性 CWE-93
CRLF インジェクション 		CVE-2016-9964 2016-12-26 16:40 2016-12-10 Show GitHub Exploit DB Packet Storm
195074 7.8 重要
Local 		Nagios Enterprises, LLC - Nagios Core の base/logging.c における root 権限を取得される脆弱性 CWE-264
CWE-59
CVE-2016-9566 2016-12-26 14:32 2016-12-7 Show GitHub Exploit DB Packet Storm
195075 9.8 緊急
Network 		Nagios Enterprises, LLC - Nagios Core のフロントエンドコンポーネントで使用される MagpieRSS における任意のファイルを読まれる脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-9565 2016-12-26 14:32 2016-10-24 Show GitHub Exploit DB Packet Storm
195076 5.3 警告
Network 		Apache Software Foundation - Apache Tika の Apache Tika サーバにおける任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2015-3271 2016-12-26 14:05 2015-08-14 Show GitHub Exploit DB Packet Storm
195077 9.8 緊急
Network 		アドビシステムズ - Adobe DNG Converter におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-7856 2016-12-26 12:16 2016-12-13 Show GitHub Exploit DB Packet Storm
195078 7.5 重要
Network 		アドビシステムズ - Adobe ColdFusion Builder における情報漏えいの脆弱性 CWE-200
情報漏えい 		CVE-2016-7887 2016-12-26 11:43 2016-12-13 Show GitHub Exploit DB Packet Storm
195079 6.1 警告
Network 		アドビシステムズ - Adobe Experience Manager Forms および LiveCycle の PMAdmin モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-6934 2016-12-26 11:23 2016-12-13 Show GitHub Exploit DB Packet Storm
195080 9.8 緊急
Network 		X.Org Foundation
Fedora Project		 - X.org libXvMC におけるバッファアンダーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-7953 2016-12-22 18:28 2016-10-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294191 - fedora
redhat 		directory_server Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory… CWE-399
 Resource Management Errors 		CVE-2008-3283 2017-09-29 10:31 2008-08-30 Show GitHub Exploit DB Packet Storm
294192 - aprox aprox_cms_engine
aproxengine 		SQL injection vulnerability in index.php in AproxEngine (aka Aprox CMS Engine) 5.1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-3291 2017-09-29 10:31 2008-07-25 Show GitHub Exploit DB Packet Storm
294193 - ezwebalbum ezwebalbum constants.inc in EZWebAlbum 1.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the photoalbumadmin cookie, as demonstrated via addpage.php. CWE-287
Improper Authentication 		CVE-2008-3292 2017-09-29 10:31 2008-07-25 Show GitHub Exploit DB Packet Storm
294194 - tuxplanet bilboblog SQL injection vulnerability in admin/delete.php in BilboBlog 0.2.1, when magic_quotes_gpc is disabled, allows remote authenticated administrators to execute arbitrary SQL commands via the num paramet… CWE-89
SQL Injection 		CVE-2008-3302 2017-09-29 10:31 2008-07-25 Show GitHub Exploit DB Packet Storm
294195 - tuxplanet bilboblog admin/login.php in BilboBlog 0.2.1, when register_globals is enabled, allows remote attackers to bypass authentication and obtain administrative access via a direct request that sets the login, admin… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-3303 2017-09-29 10:31 2008-07-25 Show GitHub Exploit DB Packet Storm
294196 - carlos_desseno youtube_blog Cross-site scripting (XSS) vulnerability in mensaje.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to inject arbitrary web script or HTML via the m parameter. CWE-79
Cross-site Scripting 		CVE-2008-3305 2017-09-29 10:31 2008-07-26 Show GitHub Exploit DB Packet Storm
294197 - youtube_blog youtube_blog SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306. CWE-89
SQL Injection 		CVE-2008-3307 2017-09-29 10:31 2008-07-26 Show GitHub Exploit DB Packet Storm
294198 - carlos_desseno youtube_blog PHP remote file inclusion vulnerability in cuenta/cuerpo.php in C. Desseno YouTube Blog (ytb) 0.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in… CWE-94
Code Injection 		CVE-2008-3308 2017-09-29 10:31 2008-07-26 Show GitHub Exploit DB Packet Storm
294199 - digiappz digileave SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter. CWE-89
SQL Injection 		CVE-2008-3309 2017-09-29 10:31 2008-07-26 Show GitHub Exploit DB Packet Storm
294200 - preproject pre_survey_poll SQL injection vulnerability in default.asp in Pre Survey Poll allows remote attackers to execute arbitrary SQL commands via the catid parameter. CWE-89
SQL Injection 		CVE-2008-3310 2017-09-29 10:31 2008-07-26 Show GitHub Exploit DB Packet Storm