Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203841 9.8 緊急
Network 		The PHP Group
openSUSE project
Fedora Project		 - PHP の ext/exif/exif.c の exif_process_TIFF_in_JPEG 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-4544 2016-10-26 16:37 2016-04-28 Show GitHub Exploit DB Packet Storm
203842 9.8 緊急
Network 		The PHP Group
openSUSE project
Fedora Project		 - PHP の ext/exif/exif.c の exif_process_IFD_TAG 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-4542 2016-10-26 16:36 2016-04-28 Show GitHub Exploit DB Packet Storm
203843 9.8 緊急
Network 		The PHP Group
openSUSE project
Fedora Project		 - PHP の ext/intl/grapheme/grapheme_string.c の grapheme_strpos 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-4541 2016-10-26 16:36 2016-04-28 Show GitHub Exploit DB Packet Storm
203844 9.8 緊急
Network 		The PHP Group
openSUSE project
Fedora Project		 - PHP の ext/intl/grapheme/grapheme_string.c の grapheme_stripos 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-4540 2016-10-26 16:35 2016-04-28 Show GitHub Exploit DB Packet Storm
203845 9.8 緊急
Network 		The PHP Group
openSUSE project
Fedora Project		 - PHP の ext/xml/xml.c の xml_parse_into_struct 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-4539 2016-10-26 16:34 2016-04-28 Show GitHub Exploit DB Packet Storm
203846 9.8 緊急
Network 		The PHP Group
openSUSE project
Fedora Project		 - PHP の ext/bcmath/bcmath.c の bcpowmod 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-4538 2016-10-26 16:34 2016-04-28 Show GitHub Exploit DB Packet Storm
203847 9.8 緊急
Network 		The PHP Group
openSUSE project
Fedora Project		 - PHP の ext/bcmath/bcmath.c の bcpowmod 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-4537 2016-10-26 16:33 2016-04-28 Show GitHub Exploit DB Packet Storm
203848 9.8 緊急
Network 		The PHP Group - PHP の ext/phar/tar.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-2554 2016-10-26 16:06 2016-02-4 Show GitHub Exploit DB Packet Storm
203849 5.4 警告
Adjacent 		BB&T - iOS 版「U by BB&T」に SSL サーバ証明書の検証不備の脆弱性 CWE-310
CWE-Other
CVE-2016-6550 2016-10-26 15:34 2016-09-30 Show GitHub Exploit DB Packet Storm
203850 8.8 重要
Network 		The PHP Group - PHP の ext/phar/dirstream.c の phar_make_dirstream 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-4343 2016-10-26 15:27 2016-02-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2971 8.2 HIGH
Network 		- - Care2x 2.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by manipulating the ck_config cookie parameter. Attackers can inject … CWE-89
SQL Injection 		CVE-2019-25728 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
2972 9.8 CRITICAL
Network 		- - PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP commands through the CSRF-TOKEN cookie paramete… CWE-352
 Origin Validation Error 		CVE-2019-25729 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
2973 8.2 HIGH
Network 		- - Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can s… CWE-89
SQL Injection 		CVE-2019-25730 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
2974 8.2 HIGH
Network 		- - PHP EI-Tube Script 3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers… CWE-89
SQL Injection 		CVE-2019-25732 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
2975 8.4 HIGH
Local 		- - NetShareWatcher 1.5.8.0 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input. Attackers can craft a… CWE-120
Classic Buffer Overflow 		CVE-2019-25733 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
2976 4.0 MEDIUM
Local 		- - Contact Form by WD 1.13.1 contains a cross-site request forgery vulnerability combined with local file inclusion that allows unauthenticated attackers to include arbitrary files by exploiting unsanit… CWE-22
Path Traversal 		CVE-2019-25734 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
2977 8.4 HIGH
Local 		- - AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Att… CWE-120
Classic Buffer Overflow 		CVE-2019-25735 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
2978 8.4 HIGH
Local 		- - LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a… CWE-120
Classic Buffer Overflow 		CVE-2019-25736 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
2979 9.8 CRITICAL
Network 		- - WordPress Hybrid Composer 1.4.6 contains an unauthenticated settings change vulnerability that allows unauthenticated attackers to modify WordPress options by exploiting the hc_ajax_save_option actio… CWE-306
Missing Authentication for Critical Function 		CVE-2019-25738 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
2980 6.5 MEDIUM
Network 		- - Joomla com_jsjobs 1.2.6 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating custom userfield parameters. Attackers can send POST requ… CWE-22
Path Traversal 		CVE-2019-25740 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm