Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230191 7.5 危険 Mahara - mahara の lib/user.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0400 2012-09-25 17:38 2010-04-7 Show GitHub Exploit DB Packet Storm
230192 6.8 警告 nanosleep - Trac Git プラグインの PyGIT.py における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0394 2012-09-25 17:38 2010-02-3 Show GitHub Exploit DB Packet Storm
230193 5 警告 JCE-Tech.com - JCE-Tech PHP Calendars の install.php におけるアクセス制限を回避する脆弱性 CWE-16
CWE-264
CVE-2010-0380 2012-09-25 17:38 2010-01-22 Show GitHub Exploit DB Packet Storm
230194 4.3 警告 JCE-Tech.com - JCE-Tech PHP Calendars の product_list.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0376 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230195 7.5 危険 JCE-Tech.com - JCE-Tech PHP Calendars の product_list.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0375 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230196 7.5 危険 Joomla! - Joomla! 用の libros コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0373 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230197 7.5 危険 hong chuyen - Joomla! の articlemanager コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0372 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230198 4.3 警告 hitmaaan - Hitmaaan Gallery の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0371 2012-09-25 17:38 2010-01-21 Show GitHub Exploit DB Packet Storm
230199 7.5 危険 matthias graubner - Helpdesk エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0333 2012-09-25 17:38 2010-01-15 Show GitHub Exploit DB Packet Storm
230200 7.5 危険 julian fries - TYPO3 用の Googlemaps for tt_news 拡張における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-0330 2012-09-25 17:38 2010-01-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
284861 - htc touch_cruise
touch_pro 		HTC Touch Pro and HTC Touch Cruise vCard allows remote attackers to cause denial of service (CPU consumption, SMS consumption, and connectivity loss) via a flood of vCards to UDP port 9204. NVD-CWE-Other
CVE-2008-6775 2018-10-12 05:57 2009-05-2 Show GitHub Exploit DB Packet Storm
284862 - dflabs ptk The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, 0.2, and 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters after an arg1= sequence in a filename… CWE-20
 Improper Input Validation  		CVE-2008-6793 2018-10-12 05:57 2009-05-8 Show GitHub Exploit DB Packet Storm
284863 - eaton network_shutdown_module Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows remote attackers to execute arbitrary code by adding a custom action to the MGE frontend via pane_actionbutton.php, and then executing… CWE-287
Improper Authentication 		CVE-2008-6816 2018-10-12 05:57 2009-05-28 Show GitHub Exploit DB Packet Storm
284864 - a-link wl54ap2
wl54ap3 		Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface on the A-LINK WL54AP3 and WL54AP2 access points before firmware 1.4.2-eng1 allow remote attackers to hijack the … CWE-352
 Origin Validation Error 		CVE-2008-6823 2018-10-12 05:57 2009-06-5 Show GitHub Exploit DB Packet Storm
284865 - a-link wl54ap2
wl54ap3 		The management interface on the A-LINK WL54AP3 and WL54AP2 access points has a blank default password for the admin account, which makes it easier for remote attackers to obtain access. CWE-310
Cryptographic Issues 		CVE-2008-6824 2018-10-12 05:57 2009-06-5 Show GitHub Exploit DB Packet Storm
284866 - netenberg
cpanel 		fantastico_de_luxe
cpanel 		Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote attackers to read arbitrary files via a .. (dot dot) in the sup3r parameter. CWE-22
Path Traversal 		CVE-2008-6843 2018-10-12 05:57 2009-07-2 Show GitHub Exploit DB Packet Storm
284867 - clamav clamav The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file. NVD-CWE-Other
CVE-2008-6845 2018-10-12 05:57 2009-07-2 Show GitHub Exploit DB Packet Storm
284868 - avast avast_antivirus Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a ma… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-6846 2018-10-12 05:57 2009-07-2 Show GitHub Exploit DB Packet Storm
284869 - php-nuke current_issue_module SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action. CWE-89
SQL Injection 		CVE-2008-6866 2018-10-12 05:57 2009-07-14 Show GitHub Exploit DB Packet Storm
284870 - easysitenetwork jokes_complete_website SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2008-6880 2018-10-12 05:57 2009-07-31 Show GitHub Exploit DB Packet Storm