Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
210471 6 警告 IBM - IBM WebSphere DataPower XC10 アプライアンスにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-3058 2014-12-15 18:17 2014-12-8 Show GitHub Exploit DB Packet Storm
210472 10 危険 Node.js Foundation
IBM		 - IBM Rational Application Developer などの製品で使用される Node.js 用 syntax-error パッケージの index.js における Eval インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2014-7192 2014-12-15 18:16 2014-07-15 Show GitHub Exploit DB Packet Storm
210473 5 警告 IBM - 複数の IBM 製品の Rule Execution Server の Hosted Transparent Decision Service における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2014-6114 2014-12-15 18:16 2014-12-3 Show GitHub Exploit DB Packet Storm
210474 3.5 注意 Chyrp - Chyrp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-7264 2014-12-15 18:05 2014-12-10 Show GitHub Exploit DB Packet Storm
210475 4.3 警告 ULTRAPOP.JP - i-HTTPD におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-7263 2014-12-15 18:02 2014-12-9 Show GitHub Exploit DB Packet Storm
210476 4.3 警告 Intelliants - Subrion CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9120 2014-12-15 17:06 2014-12-8 Show GitHub Exploit DB Packet Storm
210477 4.6 警告 Xiph.Org - Icecast における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-9091 2014-12-15 17:02 2014-05-6 Show GitHub Exploit DB Packet Storm
210478 7.5 危険 Zoho Corporation - 複数の ZOHO 製品におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-7866 2014-12-15 16:33 2014-09-27 Show GitHub Exploit DB Packet Storm
210479 7.5 危険 NVIDIA - NVIDIA ドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2014-8298 2014-12-15 16:17 2014-12-9 Show GitHub Exploit DB Packet Storm
210480 6.4 警告 Scalix.com - Scalix Web Access における XML 外部エンティティの脆弱性 CWE-Other
その他 		CVE-2014-9360 2014-12-15 15:39 2014-10-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 17, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293271 - xensource xen Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows local users to cause a denial of service (SDL crash) and possibly exec… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-1944 2017-09-29 10:30 2008-05-15 Show GitHub Exploit DB Packet Storm
293272 - xensource xen https://bugzilla.redhat.com/show_bug.cgi?id=443078 "The PVFB backend is a user space program running as root in dom0" CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-1944 2017-09-29 10:30 2008-05-15 Show GitHub Exploit DB Packet Storm
293273 - gnu coreutils The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command li… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-1946 2017-09-29 10:30 2008-07-29 Show GitHub Exploit DB Packet Storm
293274 - xensource xen_para_virtualized_frame_buffer The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mappin… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-1952 2017-09-29 10:30 2008-06-24 Show GitHub Exploit DB Packet Storm
293275 - webcalendar web_calendar_pro SQL injection vulnerability in one_day.php in Web Calendar Pro 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter. CWE-89
SQL Injection 		CVE-2008-1954 2017-09-29 10:30 2008-04-26 Show GitHub Exploit DB Packet Storm
293276 - easyscripts tr_script_news SQL injection vulnerability in news.php in Tr Script News 2.1 allows remote attackers to execute arbitrary SQL commands via the nb parameter in voir mode. CWE-89
SQL Injection 		CVE-2008-1957 2017-09-29 10:30 2008-04-26 Show GitHub Exploit DB Packet Storm
293277 - easyscripts tr_script_news Unrestricted file upload vulnerability in the ajout_cat mode in admin/main.php in Tr Script News 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with a .php extens… CWE-94
Code Injection 		CVE-2008-1958 2017-09-29 10:30 2008-04-26 Show GitHub Exploit DB Packet Storm
293278 - php_resource voice_of_web_allmyguests SQL injection vulnerability in index.php in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to execute arbitrary SQL commands via the AMG_id parameter in a comments action. CWE-89
SQL Injection 		CVE-2008-1961 2017-09-29 10:30 2008-04-26 Show GitHub Exploit DB Packet Storm
293279 - chimaera aterr Multiple directory traversal vulnerabilities in Aterr 0.9.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) class parameter to include/functions.inc.… CWE-22
Path Traversal 		CVE-2008-1962 2017-09-29 10:30 2008-04-26 Show GitHub Exploit DB Packet Storm
293280 - quate grape_web_statistics PHP remote file inclusion vulnerability in includes/functions.php in Quate Grape Web Statistics 0.2a allows remote attackers to execute arbitrary PHP code via a URL in the location parameter. CWE-94
Code Injection 		CVE-2008-1963 2017-09-29 10:30 2008-04-26 Show GitHub Exploit DB Packet Storm