Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229701 7.5 危険 scripts-for-sites - SFS EZ Home Business Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6783 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229702 7.5 危険 scripts-for-sites - SFS EZ Hosting Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6782 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229703 7.5 危険 scripts-for-sites - SFS Gaming Directory の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6781 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229704 7.5 危険 scripts-for-sites - SFS SFS EZ Affiliate の directory.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6780 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229705 7.5 危険 PHPNUKE - PHP-Nuke 用の Sarkilar モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6779 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229706 7.5 危険 scripts-for-sites - SFS EZ Auction の viewfaqs.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6778 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229707 7.5 危険 scripts-for-sites - SFS EZ Hot or Not の viewcomments.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6776 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
229708 6.8 警告 shopsystem-forum - K&S Shopsoftware の admin/editor/images.php における任意の PHP コードを実行される脆弱性 CWE-Other
その他 		CVE-2008-6768 2012-12-20 19:10 2009-04-29 Show GitHub Exploit DB Packet Storm
229709 10 危険 WordPress.org - WordPress の wp-admin/upgrade.php におけるアプリケーションをアップグレードされる脆弱性 CWE-noinfo
情報不足 		CVE-2008-6767 2012-12-20 19:10 2009-04-28 Show GitHub Exploit DB Packet Storm
229710 5 警告 viart - ViArt Shop の cart_save.php におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2008-6766 2012-12-20 19:10 2009-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293521 - werner_baumann davfs2 WEB-DAV Linux File System (davfs2) 1.4.6 and 1.4.7 allow local users to gain privileges via unknown attack vectors in (1) kernel_interface.c and (2) mount_davfs.c, related to the "system" function. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-4362 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
293522 - openstack
fedoraproject
canonical
redhat 		keystone
fedora
ubuntu_linux
openstack 		OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users … CWE-522
 Insufficiently Protected Credentials 		CVE-2013-4222 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
293523 - emeric_vernat javamelody Cross-site scripting (XSS) vulnerability in HtmlSessionInformationsReport.java in JavaMelody 1.46 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted X-Forwarded-… CWE-79
Cross-site Scripting 		CVE-2013-4378 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
293524 - apache
oracle 		struts
mysql_enterprise_monitor
flexcube_private_banking
webcenter_sites 		Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. CWE-16
NVD-CWE-noinfo
CWE-284
Configuration
Improper Access Control 		CVE-2013-4316 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
293525 - jean-paul_calderone
canonical 		pyopenssl
ubuntu_linux 		The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle a… CWE-20
 Improper Input Validation  		CVE-2013-4314 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
293526 - apache struts Apache Struts 2.0.0 through 2.3.15.1 allows remote attackers to bypass access controls via a crafted action: prefix. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-4310 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
293527 - redhat libvirt The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-4297 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
293528 - redhat
canonical 		libvirt
ubuntu_linux
enterprise_linux 		The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated u… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-4296 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
293529 - redhat libvirt libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2) remote… CWE-399
 Resource Management Errors 		CVE-2013-4292 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm
293530 - redhat libvirt The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-4291 2024-11-21 10:55 2013-10-1 Show GitHub Exploit DB Packet Storm