Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229381 4.3 警告 VWar - Virtual War におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5064 2012-10-10 15:16 2012-10-8 Show GitHub Exploit DB Packet Storm
229382 7.5 危険 VWar - Virtual War の article.phpにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5063 2012-10-10 15:15 2012-10-8 Show GitHub Exploit DB Packet Storm
229383 4.3 警告 Smarty - Smarty におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-4437 2012-10-10 14:00 2012-10-10 Show GitHub Exploit DB Packet Storm
229384 6.8 警告 Plume CMS - Plume CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-1414 2012-10-10 13:49 2012-10-7 Show GitHub Exploit DB Packet Storm
229385 2.6 注意 Proc::ProcessTable - Perl 用 Proc::ProcessTable モジュールにおける任意のファイルを上書される脆弱性 CWE-59
リンク解釈の問題 		CVE-2011-4363 2012-10-10 13:49 2012-10-7 Show GitHub Exploit DB Packet Storm
229386 5 警告 Joomla! - Joomla! におけるインストールパスを取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4911 2012-10-10 10:36 2009-06-30 Show GitHub Exploit DB Packet Storm
229387 4.3 警告 Joomla! - Joomla! におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4910 2012-10-10 10:34 2009-06-3 Show GitHub Exploit DB Packet Storm
229388 4.3 警告 Joomla! - Joomla! におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4909 2012-10-10 10:32 2009-06-30 Show GitHub Exploit DB Packet Storm
229389 4.3 警告 MODX - MODx Revolution におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-5278 2012-10-10 10:13 2010-09-30 Show GitHub Exploit DB Packet Storm
229390 4.9 警告 Views Bulk Operations project - Drupal 用 Views Bulk Operations モジュールにおけるアクセス制限を回避される脆弱性 CWE-noinfo
情報不足 		CVE-2010-5277 2012-10-10 10:06 2010-10-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
298101 - adobe flash_player_for_linux Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file. CWE-94
Code Injection 		CVE-2008-5499 2017-08-8 10:33 2008-12-18 Show GitHub Exploit DB Packet Storm
298102 - university_of_washington imap Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other appl… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-5514 2017-08-8 10:33 2008-12-24 Show GitHub Exploit DB Packet Storm
298103 - sun java_system_portal_server Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration inform… NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5549 2017-08-8 10:33 2008-12-13 Show GitHub Exploit DB Packet Storm
298104 - rsyslog rsyslog The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-5617 2017-08-8 10:33 2008-12-17 Show GitHub Exploit DB Packet Storm
298105 - roundcube webmail RoundCube Webmail (roundcubemail) before 0.2-beta allows remote attackers to cause a denial of service (memory consumption) via crafted size parameters that are used to create a large quota image. CWE-399
 Resource Management Errors 		CVE-2008-5620 2017-08-8 10:33 2008-12-17 Show GitHub Exploit DB Packet Storm
298106 - typo3 typo3 Cross-site scripting (XSS) vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. CWE-79
Cross-site Scripting 		CVE-2008-5644 2017-08-8 10:33 2008-12-18 Show GitHub Exploit DB Packet Storm
298107 - orb_networks orb Directory traversal vulnerability in the media server in Orb Networks Orb before 2.01.0022 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP GET request. CWE-22
Path Traversal 		CVE-2008-5645 2017-08-8 10:33 2008-12-18 Show GitHub Exploit DB Packet Storm
298108 - trac trac Unspecified vulnerability in Trac before 0.11.2 allows attackers to cause a denial of service via unknown attack vectors related to "certain wiki markup." NVD-CWE-noinfo
CVE-2008-5646 2017-08-8 10:33 2008-12-18 Show GitHub Exploit DB Packet Storm
298109 - trac trac Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attackers to conduct phishing attacks via unknown attack vectors. NVD-CWE-noinfo
CVE-2008-5647 2017-08-8 10:33 2008-12-18 Show GitHub Exploit DB Packet Storm
298110 - myiosoft easybookmarker Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) delete_folder and (2) delete_link parameters to unspecified … CWE-89
SQL Injection 		CVE-2008-5655 2017-08-8 10:33 2008-12-18 Show GitHub Exploit DB Packet Storm