Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229671 7.5 危険 openfreeway - Freeway CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2925 2012-09-25 17:38 2010-07-30 Show GitHub Exploit DB Packet Storm
229672 7.5 危険 PhotoIndochina - Joomla! 用の Golf Course Guide コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2921 2012-09-25 17:38 2010-07-30 Show GitHub Exploit DB Packet Storm
229673 7.5 危険 joomlaxt - Joomla! 用の staticxt コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2919 2012-09-25 17:38 2010-07-30 Show GitHub Exploit DB Packet Storm
229674 4.3 警告 Tenable, Inc. - Nessus 用の Nessus Web Server プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2914 2012-09-25 17:38 2010-07-30 Show GitHub Exploit DB Packet Storm
229675 7.5 危険 Kayako - Kayako eSupport の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2912 2012-09-25 17:38 2010-07-28 Show GitHub Exploit DB Packet Storm
229676 7.5 危険 Kayako - Kayako eSupport の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2911 2012-09-25 17:38 2010-07-28 Show GitHub Exploit DB Packet Storm
229677 7.5 危険 joomdle - Joomla! 用の joomdle コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2908 2012-09-25 17:38 2010-07-28 Show GitHub Exploit DB Packet Storm
229678 7.5 危険 huruhelpdesk - Joomla! 用の com_huruhelpdesk コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2907 2012-09-25 17:38 2010-07-28 Show GitHub Exploit DB Packet Storm
229679 4.3 警告 IBM - IBM FileNet CM におけるフォルダのパーミッションを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2896 2012-09-25 17:38 2010-07-19 Show GitHub Exploit DB Packet Storm
229680 4.3 警告 osCSS - osCSS の admin/currencies.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2856 2012-09-25 17:38 2010-07-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
298211 - interspire shopping_cart Cross-site scripting (XSS) vulnerability in search.php in Interspire Shopping Cart 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the proven… CWE-79
Cross-site Scripting 		CVE-2008-1076 2017-08-8 10:29 2008-02-29 Show GitHub Exploit DB Packet Storm
298212 - clam_anti-virus clamav Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-1100 2017-08-8 10:29 2008-04-15 Show GitHub Exploit DB Packet Storm
298213 - blender blender Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows user-assisted remote attackers to execute arbitrary code via a .blend file that contains a crafted Radiance RGBE image. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-1102 2017-08-8 10:29 2008-04-22 Show GitHub Exploit DB Packet Storm
298214 - blender blender Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues." CWE-59
Link Following 		CVE-2008-1103 2017-08-8 10:29 2008-04-29 Show GitHub Exploit DB Packet Storm
298215 - cosmicperl
darwin
navision 		directory_pro
darwin
financials_server 		A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive valu… NVD-CWE-Other
CVE-2008-1146 2017-08-8 10:29 2008-03-5 Show GitHub Exploit DB Packet Storm
298216 - cosmicperl
darwin
navision 		directory_pro
darwin
financials_server 		A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attacke… NVD-CWE-Other
CVE-2008-1148 2017-08-8 10:29 2008-03-5 Show GitHub Exploit DB Packet Storm
298217 - phpmyadmin phpmyadmin phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection an… CWE-89
CWE-352
SQL Injection
 Origin Validation Error 		CVE-2008-1149 2017-08-8 10:29 2008-03-5 Show GitHub Exploit DB Packet Storm
298218 - cisco emergency_responder
mobility_manager
unified_communications_manager
unified_presence 		The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Resp… CWE-287
Improper Authentication 		CVE-2008-1154 2017-08-8 10:29 2008-04-5 Show GitHub Exploit DB Packet Storm
298219 - cisco network_admission_control Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server… CWE-200
Information Exposure 		CVE-2008-1155 2017-08-8 10:29 2008-04-17 Show GitHub Exploit DB Packet Storm
298220 - cisco ciscoworks_internetwork_performance_monitor Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 creates a process that executes a command shell and listens on a randomly chosen TCP port, which allows remote attackers to execute arbitra… CWE-20
 Improper Input Validation  		CVE-2008-1157 2017-08-8 10:29 2008-03-15 Show GitHub Exploit DB Packet Storm