Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230371 7.5 危険 slashcode.com - Slash における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2231 2012-12-20 18:52 2008-06-5 Show GitHub Exploit DB Packet Storm
230372 4.6 警告 reportbug-ng - reportbug および reportbug-ng における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2230 2012-12-20 18:52 2008-06-4 Show GitHub Exploit DB Packet Storm
230373 6.8 警告 PHP-Fusion - PHP-Fusion Forum Rank System におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2227 2012-12-20 18:52 2008-05-14 Show GitHub Exploit DB Packet Storm
230374 6.8 警告 sazcart - SazCart における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2224 2012-12-20 18:52 2008-05-14 Show GitHub Exploit DB Packet Storm
230375 7.5 危険 scorpnews - Thomas Gossmann ScorpNews の example.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2193 2012-12-20 18:52 2008-05-14 Show GitHub Exploit DB Packet Storm
230376 6.8 警告 postnuke software foundation - PostNuke 用の pnEncyclopedia モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2191 2012-12-20 18:52 2008-05-14 Show GitHub Exploit DB Packet Storm
230377 6.8 警告 romedchim international srl - Online Rent の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2190 2012-12-20 18:52 2008-05-14 Show GitHub Exploit DB Packet Storm
230378 4.3 警告 Toocharger - SMartBlog の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2185 2012-12-20 18:52 2008-05-13 Show GitHub Exploit DB Packet Storm
230379 7.5 危険 Toocharger - SMartBlog における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2184 2012-12-20 18:52 2008-05-13 Show GitHub Exploit DB Packet Storm
230380 7.5 危険 Toocharger - SMartBlog の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2183 2012-12-20 18:52 2008-05-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293981 - acquia
commons_wikis_project 		commons
commons_wikis 		The Commons Wikis module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1908 2024-11-21 10:50 2013-07-17 Show GitHub Exploit DB Packet Storm
293982 - acquia commons
commons_group 		The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1907 2024-11-21 10:50 2013-07-17 Show GitHub Exploit DB Packet Storm
293983 7.8 HIGH
Local 		linux
redhat
canonical 		linux_kernel
enterprise_linux
enterprise_linux_eus
ubuntu_linux 		The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows loca… CWE-20
 Improper Input Validation  		CVE-2013-1943 2024-11-21 10:50 2013-07-16 Show GitHub Exploit DB Packet Storm
293984 - redhat enterprise_linux A certain Red Hat patch to the KVM subsystem in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly implement the PV EOI feature, which allows guest O… CWE-362
Race Condition 		CVE-2013-1935 2024-11-21 10:50 2013-07-16 Show GitHub Exploit DB Packet Storm
293985 - ibm
apache 		websphere_application_server
geronimo 		The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI… CWE-94
Code Injection 		CVE-2013-1777 2024-11-21 10:50 2013-07-12 Show GitHub Exploit DB Packet Storm
293986 - apache openjpa The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain cra… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-1768 2024-11-21 10:50 2013-07-12 Show GitHub Exploit DB Packet Storm
293987 - apache
redhat
canonical
opensuse 		http_server
jboss_enterprise_application_platform
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_server_aus
enterprise_linux_desktop
enterprise_linux_eus
u… 		mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a M… NVD-CWE-noinfo
CVE-2013-1896 2024-11-21 10:50 2013-07-11 Show GitHub Exploit DB Packet Storm
293988 - apache struts Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) … CWE-94
Code Injection 		CVE-2013-1966 2024-11-21 10:50 2013-07-11 Show GitHub Exploit DB Packet Storm
293989 - apache struts
struts2-showcase 		Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled … CWE-94
Code Injection 		CVE-2013-1965 2024-11-21 10:50 2013-07-11 Show GitHub Exploit DB Packet Storm
293990 - videolan vlc_media_player The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-1954 2024-11-21 10:50 2013-07-11 Show GitHub Exploit DB Packet Storm