Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
239501	6.9	警告	Gentoo Linux	-	Portage における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2008-4394	2012-06-26 16:02	2008-10-9	Show	GitHub Exploit DB Packet Storm

239502	9.3	危険	シスコシステムズ	-	Cisco Linksys WVC54GC ワイアレスビデオカメラにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-4391	2012-06-26 16:02	2008-12-8	Show	GitHub Exploit DB Packet Storm

239503	10	危険	シスコシステムズ	-	Cisco Linksys WVC54GC ワイアレスビデオカメラにおけるパスワードなどの重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-4390	2012-06-26 16:02	2008-12-8	Show	GitHub Exploit DB Packet Storm

239504	10	危険	日本アルカテル・ルーセント Alcatel-Lucent	-	Alcatel OmniSwitch デバイスにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-4383	2012-06-26 16:02	2008-08-6	Show	GitHub Exploit DB Packet Storm

239505	7.5	危険	creative mind	-	Creative Mind Creator CMS の index.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4377	2012-06-26 16:02	2008-10-1	Show	GitHub Exploit DB Packet Storm

239506	7.5	危険	availscript	-	Availscript Classmate Script の viewprofile.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4375	2012-06-26 16:02	2008-10-1	Show	GitHub Exploit DB Packet Storm

239507	7.5	危険	cmsbuzz	-	CMS Buzz の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4374	2012-06-26 16:02	2008-10-1	Show	GitHub Exploit DB Packet Storm

239508	7.5	危険	availscript	-	AvailScript Job Portal Script の job_seeker/applynow.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4373	2012-06-26 16:02	2008-10-1	Show	GitHub Exploit DB Packet Storm

239509	4.3	警告	availscript	-	AvailScript Article Script の articles.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4372	2012-06-26 16:02	2008-10-1	Show	GitHub Exploit DB Packet Storm

239510	7.5	危険	availscript	-	AvailScript Article Script の articles.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4371	2012-06-26 16:02	2008-10-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 15, 2026, 12:17 p.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
256561	-	contact_forms	cforms	PHP remote file inclusion vulnerability in cforms-css.php in Oliver Seidel cforms (contactforms), a Wordpress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the tm paramet…	CWE-94 Code Injection	CVE-2008-0560	2024-08-7 17:15	2008-02-5	Show	GitHub Exploit DB Packet Storm

256562	-	varnish.projects.linpro	varnish	Varnish 2.0.6 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite…	CWE-20 Improper Input Validation	CVE-2009-4488	2024-08-7 16:16	2010-01-14	Show	GitHub Exploit DB Packet Storm

256563	-	php	php	main/streams/plain_wrapper.c in PHP 5.3.x before 5.3.1 does not recognize the safe_mode_include_dir directive, which allows context-dependent attackers to have an unknown impact by triggering the fai…	NVD-CWE-noinfo	CVE-2009-3559	2024-08-7 16:15	2009-11-24	Show	GitHub Exploit DB Packet Storm

256564	-	-	-	The WordPress File Upload WordPress plugin before 4.24.8 does not properly sanitize and escape certain parameters, which could allow unauthenticated users to execute stored cross-site scripting (XSS)…	-	CVE-2024-6494	2024-08-7 15:16	2024-08-7	Show	GitHub Exploit DB Packet Storm

256565	-	-	-	The House Manager WordPress plugin through 1.0.8.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used aga…	-	CVE-2024-3973	2024-08-7 15:16	2024-08-7	Show	GitHub Exploit DB Packet Storm

256566	-	varnish.projects.linpro	varnish	The Command Line Interface (aka Server CLI or administration interface) in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received…	CWE-287 Improper Authentication	CVE-2009-2936	2024-08-7 15:16	2010-04-6	Show	GitHub Exploit DB Packet Storm

256567	-	microsoft	windows_xp windows_server_2003	The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3, and Server 2003 before SP1, allows local administrators to bypass unspecified "security software" and gain privile…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2009-2653	2024-08-7 15:16	2009-08-3	Show	GitHub Exploit DB Packet Storm

256568	-	checkpoint	firewall-1_pki_web_service	NOTE: this issue has been disputed by the vendor. Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI Web Service allows remote attackers to cause a denial of service (crash) and po…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-1227	2024-08-7 14:16	2009-04-3	Show	GitHub Exploit DB Packet Storm

256569	-	sigsiu.net	sobi2	SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid par…	CWE-89 SQL Injection	CVE-2009-0380	2024-08-7 14:15	2009-02-3	Show	GitHub Exploit DB Packet Storm

256570	-	google	chrome	Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickja…	NVD-CWE-Other	CVE-2009-0374	2024-08-7 14:15	2009-01-31	Show	GitHub Exploit DB Packet Storm