Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198151	6.8	警告 Physics	シトリックス・システムズ	-	Citrix Receiver Desktop Lock の不正なアクセス制御メカニズムにおける認証要求を回避される脆弱性	CWE-Other その他	CVE-2016-9111	2016-11-8 17:49	2016-10-27	Show	GitHub Exploit DB Packet Storm

198152	7.8	重要 Local	Python Software Foundation	-	Pillow における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2016-9190	2016-11-8 17:38	2016-10-3	Show	GitHub Exploit DB Packet Storm

198153	5.5	警告 Local	Python Software Foundation	-	Pillow における重要な情報を取得される脆弱性	CWE-Other その他	CVE-2016-9189	2016-11-8 17:38	2016-10-3	Show	GitHub Exploit DB Packet Storm

198154	7.5	重要 Network	Spark Framework project	-	Spark におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-9177	2016-11-8 17:28	2016-11-7	Show	GitHub Exploit DB Packet Storm

198155	9.8	緊急 Network	マイクロフォーカス株式会社	-	Micro Focus Rumba の send.exe および receive.exe コンポーネントにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-9176	2016-11-8 17:27	2016-10-31	Show	GitHub Exploit DB Packet Storm

198156	8.8	重要 Network	Exponent CMS project	-	Exponent CMS の framework/modules/core/controllers/expRatingController.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2016-9242	2016-11-8 17:23	2016-11-4	Show	GitHub Exploit DB Packet Storm

198157	7.5	重要 Network	Exponent CMS project	-	Exponent CMS の /framework/modules/core/controllers/expHTMLEditorController.php における SQL インジェクションの脆弱性	CWE-200 CWE-89	CVE-2016-9184	2016-11-8 17:23	2016-11-3	Show	GitHub Exploit DB Packet Storm

198158	7.5	重要 Network	Exponent CMS project	-	Exponent CMS の /framework/modules/ecommerce/controllers/orderController.php における情報公開の脆弱性	CWE-200 情報漏えい	CVE-2016-9183	2016-11-8 17:23	2016-11-3	Show	GitHub Exploit DB Packet Storm

198159	7.5	重要 Network	Exponent CMS project	-	Exponent CMS におけるパーミッションチェックを回避される脆弱性	CWE-Other その他	CVE-2016-9182	2016-11-8 17:23	2016-11-3	Show	GitHub Exploit DB Packet Storm

198160	8.1	重要 Network	Joomla!	-	Joomla! の Users コンポーネントの controllers/user.php の UsersModelRegistration クラスにおけるユーザアカウントを作成される脆弱性	CWE-20 不適切な入力確認	CVE-2016-8870	2016-11-8 16:46	2016-10-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348691	-	realityscape	mylogin_2000	SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password in the login form.	NVD-CWE-Other	CVE-2002-2035	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348692	-	sun	ray_server_software	Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) is enabled, allows remote attackers to login as another user by running dtlogin from a system that supports the XDMCP client.	NVD-CWE-Other	CVE-2002-2036	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348693	-	cisco	bams pgw_2200 sc2200 vsc3000 vspt	The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Prov…	NVD-CWE-Other	CVE-2002-2037	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348694	-	bill_abt	next_generation_posix_threading	Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown met…	NVD-CWE-Other	CVE-2002-2038	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348695	-	qnx	rtos	The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to…	NVD-CWE-Other	CVE-2002-2040	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348696	-	qnx	rtos	ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running proce…	NVD-CWE-Other	CVE-2002-2042	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348697	-	cyrus	sasl	SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail user…	NVD-CWE-Other	CVE-2002-2043	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348698	-	xqus	x-stat	Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action.	NVD-CWE-Other	CVE-2002-2044	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348699	-	xqus	x-news	x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie.	NVD-CWE-Other	CVE-2002-2046	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348700	-	sketch	sketch	The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file.	NVD-CWE-Other	CVE-2002-2047	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm