Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
235331 7.5 危険 peercast - Peercast の HTTP::getAuthUserPass 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-2040 2012-09-25 17:16 2008-04-30 Show GitHub Exploit DB Packet Storm
235332 6.8 警告 miniBB - miniBB の setup_mysql.php などにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2029 2012-09-25 17:16 2008-04-30 Show GitHub Exploit DB Packet Storm
235333 4.3 警告 miniBB - miniBB におけるフルパスを取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-2028 2012-09-25 17:16 2008-04-30 Show GitHub Exploit DB Packet Storm
235334 4.3 警告 miniBB - miniBB の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2024 2012-09-25 17:16 2008-04-30 Show GitHub Exploit DB Packet Storm
235335 7.5 危険 pd9 software - PD9 Software の MegaBBS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2023 2012-09-25 17:16 2008-04-30 Show GitHub Exploit DB Packet Storm
235336 4.3 警告 pd9 software - PD9 Software MegaBBS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2022 2012-09-25 17:16 2008-04-30 Show GitHub Exploit DB Packet Storm
235337 5 警告 Mozilla Foundation - Mozilla Firefox におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-2014 2012-09-25 17:16 2008-04-29 Show GitHub Exploit DB Packet Storm
235338 4.3 警告 national rail enquiries - National Rail Enquiries Live Departure Boards ガジェットにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2011 2012-09-25 17:16 2008-04-29 Show GitHub Exploit DB Packet Storm
235339 7.8 危険 Motorola Solutions, Inc - Motorola Surfboard におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-2002 2012-09-25 17:16 2008-04-28 Show GitHub Exploit DB Packet Storm
235340 8.5 危険 IBM - IBM DB2 の NNSTAT プロシージャにおける任意のファイルを上書きされる脆弱性 CWE-DesignError
CVE-2008-1998 2012-09-25 17:16 2008-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348021 - apple safari Apple Safari 2.0.2 (aka 416.12) allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. NOTE: the proven… NVD-CWE-Other
CVE-2005-4678 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
348022 - microsoft ie Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. NVD-CWE-Other
CVE-2005-4679 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
348023 - punbb punbb PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows attackers to obtain unspecified sensitive information. NVD-CWE-Other
CVE-2005-4686 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
348024 - f-art_agency
punbb 		blog_cms
punbb 		PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepre… NVD-CWE-Other
CVE-2005-4687 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
348025 - punbb punbb PunBB 1.2.9 does not require password entry when changing the e-mail address in an account's profile, which might allow an attacker to make an address change via a hijacked login session. NVD-CWE-Other
CVE-2005-4688 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
348026 - - - Six Apart Movable Type 3.16 stores account names and password hashes in a cookie, which allows remote attackers to login to an account by sniffing the cookie. NVD-CWE-Other
CVE-2005-4689 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
348027 - six_apart movable_type Six Apart Movable Type 3.16 allows local users with blog-creation privileges to create or overwrite arbitrary files of certain types (such as HTML and image files) by selecting an arbitrary directory… NVD-CWE-Other
CVE-2005-4690 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
348028 - netbsd netbsd imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack … NVD-CWE-Other
CVE-2005-4691 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
348029 - mroovca mroovca_stats Unspecified vulnerability in mroovca stats (mroovcastats) before 0.4.5b has unknown attack vectors and impact, related to cookies. NVD-CWE-Other
CVE-2005-4692 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm
348030 - gaim-encryption gaim-encryption Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to cause a denial of service (crash) via a crafted message from an ICQ buddy, possibly involving the GE_received_key function in keys.c. NVD-CWE-Other
CVE-2005-4693 2008-09-6 05:57 2005-12-31 Show GitHub Exploit DB Packet Storm