Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
223711	6.8	警告	trixbox	-	Fonality trixbox CE の user/index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6825	2012-12-20 19:10	2009-06-5	Show	GitHub Exploit DB Packet Storm

223712	4.3	警告	XOOPS	-	XOOPS の pmlite.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6885	2012-12-20 19:10	2008-12-7	Show	GitHub Exploit DB Packet Storm

223713	6.8	警告	XOOPS	-	XOOPS におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-6884	2012-12-20 19:10	2008-12-7	Show	GitHub Exploit DB Packet Storm

223714	4.3	警告	シマンテック	-	Symantec Altiris Deployment Solution における権限を取得される脆弱性	CWE-310 暗号の問題	CVE-2008-6828	2012-12-20 19:10	2008-10-20	Show	GitHub Exploit DB Packet Storm

223715	6.8	警告	シマンテック	-	Symantec Altiris Deployment Solution の ListView コントロールにおけるシステム権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6827	2012-12-20 19:10	2008-10-20	Show	GitHub Exploit DB Packet Storm

223716	7.5	危険	surat kabar	-	phpWebNews の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6813	2012-12-20 19:10	2009-05-22	Show	GitHub Exploit DB Packet Storm

223717	7.5	危険	surat kabar	-	phpWebNews の bukutamu.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6812	2012-12-20 19:10	2009-05-22	Show	GitHub Exploit DB Packet Storm

223718	7.5	危険	scripts-for-sites	-	SFS EZ Link Directory の links.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6808	2012-12-20 19:10	2009-05-12	Show	GitHub Exploit DB Packet Storm

223719	7.5	危険	yigit aybuga	-	Yigit Aybuga Dizi Portali の diziler.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6803	2012-12-20 19:10	2009-05-11	Show	GitHub Exploit DB Packet Storm

223720	7.5	危険	phpexplorer	-	phPhotoGallery の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6802	2012-12-20 19:10	2009-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
278161	-	php	php	The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathn…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2009-3558	2018-10-31 01:26	2009-11-24	Show	GitHub Exploit DB Packet Storm

278162	-	php	php	Access Complexity selected medium according to the information from X-force link regarding enabling "open_basedir" option. http://xforce.iss.net/xforce/xfdb/53568	CWE-264 Permissions, Privileges, and Access Controls	CVE-2009-3558	2018-10-31 01:26	2009-11-24	Show	GitHub Exploit DB Packet Storm

278163	-	sun	jre openjdk	Directory traversal vulnerability in the ICC_Profile.getInstance method in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attack…	CWE-22 Path Traversal	CVE-2009-3728	2018-10-31 01:26	2009-11-10	Show	GitHub Exploit DB Packet Storm

278164	-	adobe	adobe_air flash_player	Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-3794	2018-10-31 01:26	2009-12-11	Show	GitHub Exploit DB Packet Storm

278165	-	adobe	adobe_air flash_player	Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."	CWE-94 Code Injection	CVE-2009-3796	2018-10-31 01:26	2009-12-11	Show	GitHub Exploit DB Packet Storm

278166	-	adobe	adobe_air flash_player	Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.	CWE-399 Resource Management Errors	CVE-2009-3798	2018-10-31 01:26	2009-12-11	Show	GitHub Exploit DB Packet Storm

278167	-	adobe	adobe_air flash_player	Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file …	CWE-189 Numeric Errors	CVE-2009-3799	2018-10-31 01:26	2009-12-11	Show	GitHub Exploit DB Packet Storm

278168	-	adobe	adobe_air flash_player	Multiple unspecified vulnerabilities in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allow attackers to cause a denial of service (application crash) or possibly execute arbitrary …	NVD-CWE-noinfo	CVE-2009-3800	2018-10-31 01:26	2009-12-11	Show	GitHub Exploit DB Packet Storm

278169	-	microsoft sun	windows jdk jre	The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, d…	NVD-CWE-Other	CVE-2009-3864	2018-10-31 01:26	2009-11-6	Show	GitHub Exploit DB Packet Storm

278170	-	sun	jdk jre	The launch method in the Deployment Toolkit plugin in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a craft…	CWE-94 Code Injection	CVE-2009-3865	2018-10-31 01:26	2009-11-6	Show	GitHub Exploit DB Packet Storm