Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201741 6.1 警告
Network 		MyBB Group - MyBB および Merge System の Admin コントロールパネルにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9409 2017-02-13 15:31 2016-03-11 Show GitHub Exploit DB Packet Storm
201742 6.1 警告
Network 		MyBB Group - MyBB および Merge System の Mod コントロールパネルにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9408 2017-02-13 15:31 2016-03-11 Show GitHub Exploit DB Packet Storm
201743 6.1 警告
Network 		MyBB Group - MyBB および Merge System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9407 2017-02-13 15:31 2016-03-11 Show GitHub Exploit DB Packet Storm
201744 6.1 警告
Network 		MyBB Group - MyBB および Merge System のユーザコントロールパネルにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9406 2017-02-13 15:31 2016-03-11 Show GitHub Exploit DB Packet Storm
201745 6.1 警告
Network 		MyBB Group - MyBB および Merge System のメンバー検証におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9405 2017-02-13 15:31 2016-03-11 Show GitHub Exploit DB Packet Storm
201746 6.1 警告
Network 		MyBB Group - MyBB および Merge System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-9404 2017-02-13 15:31 2016-03-11 Show GitHub Exploit DB Packet Storm
201747 9.8 緊急
Network 		MyBB Group - MyBB および Merge System の newreply.php における脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9403 2017-02-13 15:31 2016-03-11 Show GitHub Exploit DB Packet Storm
201748 9.8 緊急
Network 		MyBB Group - MyBB および Merge System の moderation ツールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-9402 2017-02-13 15:31 2016-03-11 Show GitHub Exploit DB Packet Storm
201749 7.5 重要
Network 		MyBB Group - MyBB および Merge System におけるインストールパスを取得される脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2015-8977 2017-02-13 15:30 2015-09-7 Show GitHub Exploit DB Packet Storm
201750 6.1 警告
Network 		MyBB Group - MyBB および Merge System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-8976 2017-02-13 15:30 2015-09-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
289211 - limesurvey limesurvey Incomplete blacklist vulnerability in the autoEscape function in common_helper.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to conduct cross-site scripting (XSS) attacks via the GBK c… NVD-CWE-Other
CVE-2014-5018 2024-11-21 11:11 2014-07-21 Show GitHub Exploit DB Packet Storm
289212 - limesurvey limesurvey SQL injection vulnerability in CPDB in application/controllers/admin/participantsaction.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to execute arbitrary SQL commands via the sidx par… CWE-89
SQL Injection 		CVE-2014-5017 2024-11-21 11:11 2014-07-21 Show GitHub Exploit DB Packet Storm
289213 - limesurvey limesurvey Multiple cross-site scripting (XSS) vulnerabilities in LimeSurvey 2.05+ Build 140618 allow remote attackers to inject arbitrary web script or HTML via (1) the pid attribute to the getAttribute_json f… CWE-79
Cross-site Scripting 		CVE-2014-5016 2024-11-21 11:11 2014-07-21 Show GitHub Exploit DB Packet Storm
289214 - joomlaboat com_youtubegallery Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbit… CWE-89
SQL Injection 		CVE-2014-4960 2024-11-21 11:11 2014-07-21 Show GitHub Exploit DB Packet Storm
289215 - opensuse
phpmyadmin 		opensuse
phpmyadmin 		server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-4987 2024-11-21 11:11 2014-07-20 Show GitHub Exploit DB Packet Storm
289216 - phpmyadmin phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject ar… CWE-79
Cross-site Scripting 		CVE-2014-4986 2024-11-21 11:11 2014-07-20 Show GitHub Exploit DB Packet Storm
289217 - phpmyadmin phpmyadmin Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList function in libraries/rte/rte_list.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 all… CWE-79
Cross-site Scripting 		CVE-2014-4955 2024-11-21 11:11 2014-07-20 Show GitHub Exploit DB Packet Storm
289218 - phpmyadmin phpmyadmin Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrar… CWE-79
Cross-site Scripting 		CVE-2014-4954 2024-11-21 11:11 2014-07-20 Show GitHub Exploit DB Packet Storm
289219 - linux
suse
opensuse
redhat
debian 		linux_kernel
linux_enterprise_desktop
linux_enterprise_server
opensuse
enterprise_linux_server_aus
debian_linux 		The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. CWE-269
 Improper Privilege Management 		CVE-2014-4943 2024-11-21 11:11 2014-07-20 Show GitHub Exploit DB Packet Storm
289220 - sonicwall scrutinizer Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) selectedUserGroup parameter in a create new … CWE-89
SQL Injection 		CVE-2014-4977 2024-11-21 11:11 2014-07-16 Show GitHub Exploit DB Packet Storm