Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239401 4.6 警告 VMware - 複数の VMware 製品のゲスト仮想デバイスドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2008-4916 2012-06-26 16:02 2009-04-3 Show GitHub Exploit DB Packet Storm
239402 9.3 危険 EZB Systems - UltraISO におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4825 2012-06-26 16:02 2009-04-1 Show GitHub Exploit DB Packet Storm
239403 7.5 危険 Chipmunk Scripts - Chipmunk CMS の board/admin/reguser.php における管理者権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-4921 2012-06-26 16:02 2008-11-4 Show GitHub Exploit DB Packet Storm
239404 7.5 危険 chattaitaliano - Chattaitaliano Istant-Replay の read.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-4911 2012-06-26 16:02 2008-11-3 Show GitHub Exploit DB Packet Storm
239405 4.3 警告 compact cms - CompactCMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4909 2012-06-26 16:02 2008-11-3 Show GitHub Exploit DB Packet Storm
239406 3.3 注意 crossfire - CrossFire crossfire-maps の maps/Info/combine.pl における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-4908 2012-06-26 16:02 2008-11-3 Show GitHub Exploit DB Packet Storm
239407 7.5 危険 1st news - 1st News 4 Professional の products.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4890 2012-06-26 16:02 2008-11-3 Show GitHub Exploit DB Packet Storm
239408 7.5 危険 deV!L'z Clanportal - DZCP の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4889 2012-06-26 16:02 2008-11-3 Show GitHub Exploit DB Packet Storm
239409 10 危険 MPlayer project
FFmpeg		 - MPlayer で使用される FFmpeg におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-4869 2012-06-26 16:02 2008-10-31 Show GitHub Exploit DB Packet Storm
239410 10 危険 MPlayer project
FFmpeg		 - MPlayer で使用される FFmpeg の avcodec_close 関数における詳細不明の脆弱性 CWE-noinfo
情報不足 		CVE-2008-4868 2012-06-26 16:02 2008-10-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
257141 - trackeur trackeur PHP remote file inclusion vulnerability in tracking.php in Trackeur 1 allows remote attackers to execute arbitrary PHP code via a URL in the header parameter. NOTE: CVE and a third party dispute thi… NVD-CWE-Other
CVE-2007-4383 2024-08-8 00:15 2007-08-18 Show GitHub Exploit DB Packet Storm
257142 - stadtaus guestbook_script Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to execute arbitrary PHP code via a URL in the script_root parameter to (1) delete.php, (2) edit.php,… CWE-94
Code Injection 		CVE-2007-4290 2024-08-8 00:15 2007-08-10 Show GitHub Exploit DB Packet Storm
257143 - jems_scripts bellabiblio BellaBiblio allows remote attackers to gain administrative privileges via a bellabiblio cookie with the value "administrator." NOTE: this issue is disputed by CVE and multiple third parties because t… NVD-CWE-Other
CVE-2007-4230 2024-08-8 00:15 2007-08-9 Show GitHub Exploit DB Packet Storm
257144 - pluck pluck Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabled, allows remote attackers to read arbitrary local files via a .. (dot dot) in the file parameter.… NVD-CWE-Other
CVE-2007-4180 2024-08-8 00:15 2007-08-8 Show GitHub Exploit DB Packet Storm
257145 - pluck pluck PHP remote file inclusion vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NO… NVD-CWE-Other
CVE-2007-4181 2024-08-8 00:15 2007-08-8 Show GitHub Exploit DB Packet Storm
257146 - vgallite vgallite Multiple PHP remote file inclusion vulnerabilities in vgallite allow remote attackers to execute arbitrary PHP code via a URL in the (1) dirpath parameter to _functions.php or the (2) lang parameter … CWE-94
Code Injection 		CVE-2007-4169 2024-08-8 00:15 2007-08-7 Show GitHub Exploit DB Packet Storm
257147 - platon phpwebfilemanager PHP remote file inclusion vulnerability in index.php in phpWebFileManager 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the PN_PathPrefix parameter. NOTE: this issue is disp… NVD-CWE-Other
CVE-2007-4117 2024-08-8 00:15 2007-08-2 Show GitHub Exploit DB Packet Storm
257148 - jelsoft vbulletin Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, … NVD-CWE-Other
CVE-2007-4120 2024-08-8 00:15 2007-08-2 Show GitHub Exploit DB Packet Storm
257149 - le_ralf ralf_image_gallery PHP remote file inclusion vulnerability in check_entry.php in Ralf Image Gallery (RIG), aka Raphael Moll RIG Image Gallery, 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the … NVD-CWE-Other
CVE-2007-4127 2024-08-8 00:15 2007-08-2 Show GitHub Exploit DB Packet Storm
257150 - guidance_software encase Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are … CWE-399
 Resource Management Errors 		CVE-2007-4036 2024-08-8 00:15 2007-07-28 Show GitHub Exploit DB Packet Storm