Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202211	9.8	緊急 Network	The PHP Group	-	PHP の ext/spl/spl_heap.c の spl_ptr_heap_insert 関数における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2015-4116	2016-05-19 17:42	2015-07-9	Show	GitHub Exploit DB Packet Storm

202212	5.3	警告 Network	The PHP Group	-	PHP における任意のファイルを読まれる脆弱性	CWE-200 CWE-Other	CVE-2015-3412	2016-05-19 17:42	2015-04-16	Show	GitHub Exploit DB Packet Storm

202213	6.5	警告 Network	The PHP Group	-	PHP における任意のファイルを読み書きされる脆弱性	CWE-20 不適切な入力確認	CVE-2015-3411	2016-05-19 17:42	2015-04-16	Show	GitHub Exploit DB Packet Storm

202214	6.8	警告	The PHP Group	-	Windows 版 PHP における OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2015-4642	2016-05-19 17:39	2015-07-17	Show	GitHub Exploit DB Packet Storm

202215	6.1	警告 Network	Debian WebSVN	-	WebSVN におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1236	2016-05-19 10:56	2016-05-6	Show	GitHub Exploit DB Packet Storm

202216	7.5	重要 Network	Botan project	-	Botan におけるダウングレード攻撃を実行される脆弱性	CWE-20 不適切な入力確認	CVE-2016-2850	2016-05-19 10:39	2016-03-17	Show	GitHub Exploit DB Packet Storm

202217	7.5	重要 Network	Debian Botan project	-	Botan における ECDSA 秘密鍵を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-2849	2016-05-19 10:39	2016-03-17	Show	GitHub Exploit DB Packet Storm

202218	9.8	緊急 Network	Botan project	-	Botan の P-521 reduction 関数におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-2196	2016-05-19 10:39	2016-02-1	Show	GitHub Exploit DB Packet Storm

202219	9.8	緊急 Network	Debian Botan project	-	Botan の PointGFp コンストラクタにおける整数オーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-2195	2016-05-19 10:39	2016-02-1	Show	GitHub Exploit DB Packet Storm

202220	7.5	重要 Network	Debian Botan project	-	Botan の ressol 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-2194	2016-05-19 10:39	2016-02-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347331	-	debian	ppxp	ppxp does not drop root privileges before opening log files, which allows local users to execute arbitrary commands.	NVD-CWE-Other	CVE-2005-0392	2008-11-15 14:43	2005-05-19	Show	GitHub Exploit DB Packet Storm

347332	-	cybozu	collaborex cybozu_ag cybozu_pocket garoon_1 mailwise	Directory traversal vulnerability in Cybozu Collaborex, AG before 1.2(1.5), AG Pocket before 5.2(0.8), Mailwise before 3.0(0.3), and Garoon 1 before 1.5(4.1) allows remote authenticated users to read…	NVD-CWE-Other	CVE-2006-4491	2008-11-11 15:28	2006-09-1	Show	GitHub Exploit DB Packet Storm

347333	-	cybozu	cybozu_office	Unspecified vulnerability in Cybozu Office 6.5 Build 1.2 for Windows allows remote attackers to obtain sensitive information, including users and groups, via unspecified vectors.	NVD-CWE-Other	CVE-2006-4492	2008-11-11 15:28	2006-09-1	Show	GitHub Exploit DB Packet Storm

347334	-	hyper_estraier	hyper_estraier	estcmd in Hyper Estraier 1.0.1 on Windows systems allows remote attackers to read unauthorized files via a crafted search request for a filename that contains Unicode characters.	NVD-CWE-Other	CVE-2005-3421	2008-11-11 14:55	2005-11-2	Show	GitHub Exploit DB Packet Storm

347335	-	hiki	hiki	Cross-site scripting (XSS) vulnerability in Hiki 0.8.1 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via a page name in a Login link, a different vulnerability than CVE-2005…	NVD-CWE-Other	CVE-2005-2803	2008-11-11 14:53	2005-09-7	Show	GitHub Exploit DB Packet Storm

347336	-	hiki	hiki	Cross-site scripting (XSS) vulnerability in Hiki 0.8.0 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via "missing pages" in which the page name is not properly escaped, a di…	NVD-CWE-Other	CVE-2005-2336	2008-11-11 14:51	2005-09-7	Show	GitHub Exploit DB Packet Storm

347337	-	sendmail debian	sendmail debian_linux	The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doubl…	NVD-CWE-Other	CVE-2003-0308	2008-11-11 14:29	2003-05-15	Show	GitHub Exploit DB Packet Storm

347338	-	eva-web	eva-web	An unspecified script in EVA-Web 2.1.2 and earlier, probably index.php, allows remote attackers to obtain the full path of the web server via invalid (1) perso or (2) aide parameters.	NVD-CWE-Other	CVE-2006-2690	2008-11-9 15:26	2006-05-31	Show	GitHub Exploit DB Packet Storm

347339	-	allaire	forums	Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.	NVD-CWE-Other	CVE-2002-0108	2008-11-4 14:23	2002-03-25	Show	GitHub Exploit DB Packet Storm

347340	-	infopop	ultimate_bulletin_board	Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encod…	NVD-CWE-Other	CVE-2002-0118	2008-11-4 14:23	2002-03-25	Show	GitHub Exploit DB Packet Storm