Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228371	7.5	危険	phpcityportal	-	PHPCityPortal の login.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4870	2012-12-20 19:28	2010-05-11	Show	GitHub Exploit DB Packet Storm

228372	4.3	警告	tony million	-	Tuniac におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4867	2012-12-20 19:28	2010-05-11	Show	GitHub Exploit DB Packet Storm

228373	4.3	警告	PunBB	-	PunBB の profile.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4894	2012-12-20 19:28	2009-05-20	Show	GitHub Exploit DB Packet Storm

228374	9.3	危険	ultraplayer	-	UltraPlayer Media Player におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4863	2012-12-20 19:28	2010-05-11	Show	GitHub Exploit DB Packet Storm

228375	4.3	警告	supportpro	-	SupportPRO SupportDesk の shownews.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4861	2012-12-20 19:28	2010-05-11	Show	GitHub Exploit DB Packet Storm

228376	4.3	警告	turnkeyforms	-	Yahoo Answers Clone の questiondetail.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4858	2012-12-20 19:28	2010-05-11	Show	GitHub Exploit DB Packet Storm

228377	7.5	危険	scripts.oldguy	-	TalkBack の addons/import.php における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2009-4854	2012-12-20 19:28	2010-05-7	Show	GitHub Exploit DB Packet Storm

228378	6.8	警告	toutvirtual	-	ToutVirtual VirtualIQ Pro におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-4849	2012-12-20 19:28	2010-05-7	Show	GitHub Exploit DB Packet Storm

228379	4.3	警告	toutvirtual	-	ToutVirtual VirtualIQ Pro におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4848	2012-12-20 19:28	2010-05-7	Show	GitHub Exploit DB Packet Storm

228380	5	警告	toutvirtual	-	ToutVirtual VirtualIQ Pro の設定ページにおける重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2009-4845	2012-12-20 19:28	2010-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274501	9.8	CRITICAL Network	php	php	Double free vulnerability in the format printer in PHP 7.x before 7.0.1 allows remote attackers to have an unspecified impact by triggering an error.	CWE-415 Double Free	CVE-2015-8880	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

274502	7.5	HIGH Network	php	php	The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application cra…	CWE-20 Improper Input Validation	CVE-2015-8879	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

274503	5.9	MEDIUM Network	php	php	main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory c…	CWE-119 CWE-362 Incorrect Access of Indexable Resource ('Range Error') Race Condition	CVE-2015-8878	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

274504	7.5	HIGH Network	libgd php	libgd php	The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows …	CWE-399 Resource Management Errors	CVE-2015-8877	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

274505	9.8	CRITICAL Network	php	php	Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL…	NVD-CWE-Other	CVE-2015-8876	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

274506	7.5	HIGH Network	php canonical	php ubuntu_linux	The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, w…	CWE-310 Cryptographic Issues	CVE-2015-8867	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

274507	6.1	MEDIUM Network	wordpress	wordpress	Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored…	CWE-79 Cross-site Scripting	CVE-2015-8834	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

274508	9.6	CRITICAL Network	php canonical suse opensuse	php ubuntu_linux linux_enterprise_software_development_kit linux_enterprise_module_for_web_scripting leap opensuse	ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote att…	CWE-611 XXE	CVE-2015-8866	2024-11-21 11:39	2016-05-22	Show	GitHub Exploit DB Packet Storm

274509	7.3	HIGH Local	php apple	php mac_os_x	The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, whi…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-8865	2024-11-21 11:39	2016-05-20	Show	GitHub Exploit DB Packet Storm

274510	7.5	HIGH Network	opensuse php	leap php	Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-8874	2024-11-21 11:39	2016-05-16	Show	GitHub Exploit DB Packet Storm