Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239791 4.3 警告 Horde - Horde Groupware などの製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2783 2012-09-25 17:17 2008-06-19 Show GitHub Exploit DB Packet Storm
239792 7.5 危険 otomigenx - OtomiGenX におけるディレクトリトラバーサルの脆弱性 CWE-200
CWE-22
CVE-2008-2782 2012-09-25 17:17 2008-06-19 Show GitHub Exploit DB Packet Storm
239793 4.3 警告 luca corbo - Ortro におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2777 2012-09-25 17:17 2008-06-19 Show GitHub Exploit DB Packet Storm
239794 7.5 危険 mycrocms - MycroCMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2770 2012-09-25 17:17 2008-06-18 Show GitHub Exploit DB Packet Storm
239795 7.5 危険 jamm-media - JAMM CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2755 2012-09-25 17:17 2008-06-18 Show GitHub Exploit DB Packet Storm
239796 7.5 危険 paridel - PSB における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2753 2012-09-25 17:17 2008-06-18 Show GitHub Exploit DB Packet Storm
239797 7.1 危険 マイクロソフト - Microsoft Word 2000 などにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-2752 2012-09-25 17:17 2008-06-18 Show GitHub Exploit DB Packet Storm
239798 4.3 警告 サン・マイクロシステムズ
オラクル		 - Sun Java System Application Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2751 2012-09-25 17:17 2008-06-18 Show GitHub Exploit DB Packet Storm
239799 7.8 危険 Linux - Linux kernel の drivers/net/pppol2tp.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2750 2012-09-25 17:17 2008-06-10 Show GitHub Exploit DB Packet Storm
239800 2.1 注意 no-ip - Windows 上で稼動する No-IP DUC における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-2747 2012-09-25 17:17 2008-06-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268101 8.1 HIGH
Network 		fedoraproject
canonical
djangoproject 		fedora
ubuntu_linux
django 		Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validat… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-9014 2024-11-21 12:00 2016-12-10 Show GitHub Exploit DB Packet Storm
268102 9.8 CRITICAL
Network 		djangoproject
canonical
fedoraproject 		django
ubuntu_linux
fedora 		Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it eas… CWE-798
 Use of Hard-coded Credentials 		CVE-2016-9013 2024-11-21 12:00 2016-12-10 Show GitHub Exploit DB Packet Storm
268103 7.5 HIGH
Network 		openbsd openssh The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE:… CWE-399
 Resource Management Errors 		CVE-2016-8858 2024-11-21 12:00 2016-12-9 Show GitHub Exploit DB Packet Storm
268104 7.8 HIGH
Local 		linux linux_kernel Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by cal… CWE-264
CWE-416
Permissions, Privileges, and Access Controls
 Use After Free 		CVE-2016-9120 2024-11-21 12:00 2016-12-9 Show GitHub Exploit DB Packet Storm
268105 6.1 MEDIUM
Network 		spip spip Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the rac parameter. CWE-79
Cross-site Scripting 		CVE-2016-9152 2024-11-21 12:00 2016-12-6 Show GitHub Exploit DB Packet Storm
268106 9.8 CRITICAL
Network 		siemens sicam_pas\/pqs A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by … CWE-20
CWE-284
 Improper Input Validation 
Improper Access Control 		CVE-2016-9157 2024-11-21 12:00 2016-12-5 Show GitHub Exploit DB Packet Storm
268107 7.3 HIGH
Network 		siemens sicam_pas\/pqs A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted pa… CWE-20
CWE-284
 Improper Input Validation 
Improper Access Control 		CVE-2016-9156 2024-11-21 12:00 2016-12-5 Show GitHub Exploit DB Packet Storm
268108 7.8 HIGH
Local 		linux linux_kernel security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial o… CWE-476
 NULL Pointer Dereference 		CVE-2016-9313 2024-11-21 12:00 2016-11-28 Show GitHub Exploit DB Packet Storm
268109 5.5 MEDIUM
Local 		linux linux_kernel The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a… CWE-20
CWE-399
 Improper Input Validation 
 Resource Management Errors 		CVE-2016-9191 2024-11-21 12:00 2016-11-28 Show GitHub Exploit DB Packet Storm
268110 5.5 MEDIUM
Local 		linux linux_kernel The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to obtain sensitive information… CWE-200
Information Exposure 		CVE-2016-9178 2024-11-21 12:00 2016-11-28 Show GitHub Exploit DB Packet Storm