Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
239571	7.5	危険	octeth	-	Octeth Oempro における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3058	2012-09-25 17:17	2008-12-3	Show	GitHub Exploit DB Packet Storm

239572	5	警告	octeth	-	Octeth Oempro におけるクッキーを取得される脆弱性	CWE-310 暗号の問題	CVE-2008-3057	2012-09-25 17:17	2008-12-3	Show	GitHub Exploit DB Packet Storm

239573	7.5	危険	oneclick cms	-	OneClick CMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3026	2012-09-25 17:17	2008-07-7	Show	GitHub Exploit DB Packet Storm

239574	7.5	危険	homap	-	HoMaP-CMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2989	2012-09-25 17:17	2008-07-2	Show	GitHub Exploit DB Packet Storm

239575	6.8	警告	homeph design	-	HomePH Design におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2982	2012-09-25 17:17	2008-07-2	Show	GitHub Exploit DB Packet Storm

239576	6.8	警告	homeph design	-	HomePH Design における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2981	2012-09-25 17:17	2008-07-2	Show	GitHub Exploit DB Packet Storm

239577	4.3	警告	homeph design	-	HomePH Design におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2980	2012-09-25 17:17	2008-07-2	Show	GitHub Exploit DB Packet Storm

239578	4.3	警告	ourvideo cms	-	Ourvideo CMS の phpi/login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2979	2012-09-25 17:17	2008-07-2	Show	GitHub Exploit DB Packet Storm

239579	6.8	警告	ourvideo cms	-	Ourvideo CMS の phpi/rss.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2978	2012-09-25 17:17	2008-07-2	Show	GitHub Exploit DB Packet Storm

239580	7.5	危険	ourvideo cms	-	Ourvideo CMS における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2977	2012-09-25 17:17	2008-07-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
285111	-	cts_projects\&software	classad	SQL injection vulnerability in showads.php in CTS Projects & Software ClassAd 3.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter.	CWE-89 SQL Injection	CVE-2014-9455	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285112	-	simple_sticky_footer_project	simple_sticky_footer	Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Sticky Footer plugin before 1.3.3 for WordPress allow remote attackers to hijack the authentication of administrators for requ…	CWE-352 Origin Validation Error	CVE-2014-9454	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285113	-	simple_visitor_stat_project	simple_visitor_stat	Multiple cross-site scripting (XSS) vulnerabilities in simple-visitor-stat.php in the Simple visitor stat plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1…	CWE-79 Cross-site Scripting	CVE-2014-9453	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285114	-	vdgsecurity	vdg_sense	Directory traversal vulnerability in VDG Security SENSE (formerly DIVA) 2.3.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI to images/.	CWE-22 Path Traversal	CVE-2014-9452	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285115	-	vdgsecurity	vdg_sense	Multiple stack-based buffer overflows in the DIVA web service API (/webservice) in VDG Security SENSE (formerly DIVA) 2.3.13 allow remote attackers to execute arbitrary code via the (1) user or (2) p…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-9451	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285116	-	zabbix	zabbix	Multiple SQL injection vulnerabilities in chart_bar.php in the frontend in Zabbix before 1.8.22, 2.0.x before 2.0.14, and 2.2.x before 2.2.8 allow remote attackers to execute arbitrary SQL commands v…	CWE-89 SQL Injection	CVE-2014-9450	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285117	-	exiv2 fedoraproject	exiv2 fedora	Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-9449	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285118	-	mini-stream	rm-mp3_converter	Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long string in a WAX file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-9448	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285119	-	elfutils_project	elfutils	Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (…	CWE-22 Path Traversal	CVE-2014-9447	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285120	-	koha	koha	Multiple cross-site scripting (XSS) vulnerabilities in the Staff client in Koha before 3.16.6 and 3.18.x before 3.18.2 allow remote attackers to inject arbitrary web script or HTML via the sort_by pa…	CWE-79 Cross-site Scripting	CVE-2014-9446	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm