Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223561 7.5 危険 riotpix - RiotPix の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0109 2012-12-20 19:10 2009-01-9 Show GitHub Exploit DB Packet Storm
223562 7.5 危険 phpauctions - PHPAuctions における管理者アクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-0108 2012-12-20 19:10 2009-01-9 Show GitHub Exploit DB Packet Storm
223563 4.3 警告 phpauctions - PHPAuctions の profile.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0107 2012-12-20 19:10 2009-01-9 Show GitHub Exploit DB Packet Storm
223564 7.5 危険 phpauctions - PHPAuctions の profile.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0106 2012-12-20 19:10 2009-01-9 Show GitHub Exploit DB Packet Storm
223565 4.3 警告 se-ed - EZpack の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0105 2012-12-20 19:10 2009-01-9 Show GitHub Exploit DB Packet Storm
223566 7.5 危険 se-ed - EZpack の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0104 2012-12-20 19:10 2009-01-9 Show GitHub Exploit DB Packet Storm
223567 7.5 危険 playSMS - playSMS における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-0103 2012-12-20 19:10 2009-01-9 Show GitHub Exploit DB Packet Storm
223568 10 危険 The phpMyAdmin Project - phpMyAdmin の libraries/File.class.php における脆弱性 CWE-310
暗号の問題 		CVE-2008-7252 2012-12-20 19:10 2010-01-15 Show GitHub Exploit DB Packet Storm
223569 10 危険 The phpMyAdmin Project - phpMyAdmin の libraries/File.class.php における脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7251 2012-12-20 19:10 2010-01-19 Show GitHub Exploit DB Packet Storm
223570 9 危険 シマンテック - Symantec Brightmail Gateway Appliance の Control Center における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2009-0064 2012-12-20 19:10 2009-04-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
279151 - mozilla firefox
thunderbird 		This vulnerability is addressed in the following product releases: Mozilla, Firefox, 1.5.0.4 Mozilla, Thunderbird, 1.5.0.4 NVD-CWE-Other
CVE-2006-2776 2018-10-19 01:41 2006-06-3 Show GitHub Exploit DB Packet Storm
279152 - zipcentral zipcentral Stack-based buffer overflow in ZipCentral 4.01 allows remote user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2006-2439 2018-10-19 01:40 2006-06-1 Show GitHub Exploit DB Packet Storm
279153 - apache spamassassin SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invok… NVD-CWE-noinfo
CVE-2006-2447 2018-10-19 01:40 2006-06-7 Show GitHub Exploit DB Packet Storm
279154 - kde kde KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. NVD-CWE-Other
CVE-2006-2449 2018-10-19 01:40 2006-06-15 Show GitHub Exploit DB Packet Storm
279155 - kde kde Vendor links provide patches for each version affected. NVD-CWE-Other
CVE-2006-2449 2018-10-19 01:40 2006-06-15 Show GitHub Exploit DB Packet Storm
279156 - libextractor libextractor Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c… NVD-CWE-Other
CVE-2006-2458 2018-10-19 01:40 2006-05-19 Show GitHub Exploit DB Packet Storm
279157 - php_fusion php_fusion SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and earlier allows remote authenticated users to execute arbitrary SQL commands via the srch_where parameter. NVD-CWE-Other
CVE-2006-2459 2018-10-19 01:40 2006-05-19 Show GitHub Exploit DB Packet Storm
279158 - sugarcrm sugarcrm Sugar Suite Open Source (SugarCRM) 4.2 and earlier, when register_globals is enabled, does not protect critical variables such as $_GLOBALS and $_SESSION from modification, which allows remote attack… NVD-CWE-Other
CVE-2006-2460 2018-10-19 01:40 2006-05-19 Show GitHub Exploit DB Packet Storm
279159 - cosmoshop cosmoshop SQL injection vulnerability in lshop.cgi in Cosmoshop 8.11.106 and earlier allows remote attackers to execute arbitrary SQL commands via the artnum parameter. NVD-CWE-Other
CVE-2006-2474 2018-10-19 01:40 2006-05-20 Show GitHub Exploit DB Packet Storm
279160 - cosmoshop cosmoshop Directory traversal vulnerability in (1) edit_mailtexte.cgi and (2) bestmail.cgi in Cosmoshop 8.11.106 and earlier allows remote administrators to read arbitrary files via ".." sequences in the file … NVD-CWE-Other
CVE-2006-2475 2018-10-19 01:40 2006-05-20 Show GitHub Exploit DB Packet Storm