Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
222131	4.3	警告	tcwonline	-	TCW PHP Album の photos/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2715	2012-12-20 19:29	2010-07-13	Show	GitHub Exploit DB Packet Storm

222132	7.5	危険	tcwonline	-	TCW PHP Album の photos/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2714	2012-12-20 19:29	2010-07-13	Show	GitHub Exploit DB Packet Storm

222133	3.5	注意	sijio	-	Sijio Community Software におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2698	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222134	3.5	注意	sijio	-	Sijio Community Software の gallery/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2697	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222135	7.5	危険	sijio	-	Sijio Community Software の gallery/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2696	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222136	6.5	警告	xlightftpd	-	Xlight FTP Server の SFTP/SSH2 仮想サーバにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-2695	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222137	7.5	危険	redcomponent	-	Joomla! 用の redSHOP コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2694	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222138	7.5	危険	site2nite	-	Site2Nite Boat Classifieds の detail.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2688	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222139	7.5	危険	site2nite	-	Site2Nite Boat Classifieds の printdetail.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2687	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222140	7.5	危険	topmanage	-	SAP 用の TopManage OLK モジュール内における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2686	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
272541	-	pulseaudio	pulseaudio	The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### …	CWE-59 Link Following	CVE-2009-1299	2023-11-7 11:03	2010-03-19	Show	GitHub Exploit DB Packet Storm

272542	-	linux	linux_kernel	The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IP_INC_STATS_BH with an incorrect argument, which allows remote…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-1298	2023-11-7 11:03	2009-12-9	Show	GitHub Exploit DB Packet Storm

272543	-	-	-	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Not…	-	CVE-2009-1563	2023-11-7 11:03	2009-10-29	Show	GitHub Exploit DB Packet Storm

272544	-	prototypejs debian	prototype debian_linux	Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make "cross-site ajax requests" via unknown vectors.	NVD-CWE-noinfo	CVE-2008-7220	2023-11-7 11:03	2009-09-14	Show	GitHub Exploit DB Packet Storm

272545	-	microsoft	office	Microsoft Office 2008 for Mac, when running on Macintosh systems that restrict Office access to administrators, does not enforce this restriction for user ID 502, which allows local users with that I…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2008-7217	2023-11-7 11:03	2009-09-14	Show	GitHub Exploit DB Packet Storm

272546	-	greensql	greensql_firewall	GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", …	CWE-89 SQL Injection	CVE-2008-6992	2023-11-7 11:03	2009-08-19	Show	GitHub Exploit DB Packet Storm

272547	-	-	-	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1899. Reason: This candidate is a duplicate of CVE-2009-1899. Notes: All CVE users should reference CVE-2009-1899 instead of…	-	CVE-2009-0907	2023-11-7 11:03	2009-08-14	Show	GitHub Exploit DB Packet Storm

272548	-	ocsinventory-ng	ocs_inventory_ng ocsinventory-agent	Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventory-Agent before 0.0.9.3, and 1.x before 1.0.1, in OCS Inventory allows local users to gain privileges via a Trojan horse Perl modu…	NVD-CWE-Other	CVE-2009-0667	2023-11-7 11:03	2009-07-10	Show	GitHub Exploit DB Packet Storm

272549	-	xvid	xvid	Heap-based buffer overflow in the decoder_create function in the initialization functionality in xvidcore/src/decoder.c in Xvid before 1.2.2, as used by Windows Media Player and other applications, a…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-0894	2023-11-7 11:03	2009-06-3	Show	GitHub Exploit DB Packet Storm

272550	-	xvid	xvid	Multiple heap-based buffer overflows in xvidcore/src/decoder.c in the xvidcore library in Xvid before 1.2.2, as used by Windows Media Player and other applications, allow remote attackers to execute …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-0893	2023-11-7 11:03	2009-06-3	Show	GitHub Exploit DB Packet Storm