Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229011 6.8 警告 IBM - IBM AIX および VIOS の FTP クライアントにおけるファイルの読み込み制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4845 2012-10-23 12:13 2012-06-20 Show GitHub Exploit DB Packet Storm
229012 8.5 危険 IBM - IBM DB2 におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-4826 2012-10-23 12:11 2012-09-24 Show GitHub Exploit DB Packet Storm
229013 5 警告 Django Software Foundation - Django におけるサービス運用妨害 (メモリ消費) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3443 2012-10-23 12:07 2012-07-30 Show GitHub Exploit DB Packet Storm
229014 4.3 警告 Django Software Foundation - Django におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-3442 2012-10-23 12:06 2012-07-30 Show GitHub Exploit DB Packet Storm
229015 5 警告 Apache Software Foundation - Apache QPID における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2012-3467 2012-10-22 17:26 2012-02-16 Show GitHub Exploit DB Packet Storm
229016 - - マイクロソフト
アドビシステムズ		 - ** 削除 ** Adobe Flash Player における任意のコードを実行される脆弱性 - CVE-2012-4166 2012-10-22 17:20 2012-08-21 Show GitHub Exploit DB Packet Storm
229017 4.3 警告 アップル - 複数の Apple 製品で使用される WebKit における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-3650 2012-10-22 14:53 2012-07-25 Show GitHub Exploit DB Packet Storm
229018 5.8 警告 Shibboleth
オラクル		 - Shibboleth OpenSAML ライブラリにおける認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2011-1411 2012-10-22 14:40 2011-07-25 Show GitHub Exploit DB Packet Storm
229019 6.5 警告 オラクル - Oracle Database Server における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-3132 2012-10-22 14:40 2012-08-10 Show GitHub Exploit DB Packet Storm
229020 4.9 警告 Linux - 32-bit プラットフォーム上の Linux Kernel の i915_gem_execbuffer2 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-2383 2012-10-22 14:37 2012-06-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
298521 - kayako esupport Cross-site scripting (XSS) vulnerability in includes/htmlArea/plugins/HtmlTidy/html-tidy-logic.php in Kayako eSupport 3.20.2 allows remote attackers to inject arbitrary web script or HTML via the jsM… CWE-79
Cross-site Scripting 		CVE-2008-4761 2017-08-8 10:32 2008-10-28 Show GitHub Exploit DB Packet Storm
298522 - o2php oxygen_bulletin_board SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information … CWE-89
SQL Injection 		CVE-2008-4766 2017-08-8 10:32 2008-10-28 Show GitHub Exploit DB Packet Storm
298523 - tlm_cms tlm_cms SQL injection vulnerability in TLM CMS 3.1 allows remote attackers to execute arbitrary SQL commands via the nom parameter to a-b-membres.php. NOTE: the goodies.php vector is already covered by CVE-… CWE-89
SQL Injection 		CVE-2008-4768 2017-08-8 10:32 2008-10-28 Show GitHub Exploit DB Packet Storm
298524 - wordpress wordpress Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbit… CWE-22
Path Traversal 		CVE-2008-4769 2017-08-8 10:32 2008-10-28 Show GitHub Exploit DB Packet Storm
298525 - wojtek_kaniewsk libgadu libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-4776 2017-08-8 10:32 2008-10-29 Show GitHub Exploit DB Packet Storm
298526 - drupal drupal The validation functionality in the core upload module in Drupal 6.x before 6.5 allows remote authenticated users to bypass intended access restrictions and "attach files to content," related to a "l… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-4789 2017-08-8 10:32 2008-10-30 Show GitHub Exploit DB Packet Storm
298527 - drupal drupal The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-4790 2017-08-8 10:32 2008-10-30 Show GitHub Exploit DB Packet Storm
298528 - drupal drupal The node module API in Drupal 5.x before 5.11 allows remote attackers to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules. NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-4793 2017-08-8 10:32 2008-10-30 Show GitHub Exploit DB Packet Storm
298529 - opera opera Opera before 9.62 allows remote attackers to execute arbitrary commands via the History Search results page, a different vulnerability than CVE-2008-4696. CWE-20
 Improper Input Validation  		CVE-2008-4794 2017-08-8 10:32 2008-10-31 Show GitHub Exploit DB Packet Storm
298530 - opera opera The links panel in Opera before 9.62 processes Javascript within the context of the "outermost page" of a frame, which allows remote attackers to inject arbitrary web script or HTML via cross-site sc… CWE-79
Cross-site Scripting 		CVE-2008-4795 2017-08-8 10:32 2008-10-31 Show GitHub Exploit DB Packet Storm