Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239941 7.5 危険 cmsnx - Feedback および Rating Script の detail.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2277 2012-06-26 16:02 2008-05-16 Show GitHub Exploit DB Packet Storm
239942 9 危険 アルバネットワークス株式会社 - Aruba Mobility Controller の TACACS 認証コンポーネントにおける権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2008-2273 2012-06-26 16:02 2008-05-14 Show GitHub Exploit DB Packet Storm
239943 4.3 警告 アルバネットワークス株式会社 - Aruba Mobility Controller の Web インターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2272 2012-06-26 16:02 2008-05-14 Show GitHub Exploit DB Packet Storm
239944 7.5 危険 CMS Made Simple - CMS Made Simple の FileManager モジュールの Postlet の javaUpload.php における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2267 2012-06-26 16:02 2008-05-16 Show GitHub Exploit DB Packet Storm
239945 7.5 危険 Emophp Programming - EMO Realty Manager の news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2265 2012-06-26 16:02 2008-05-16 Show GitHub Exploit DB Packet Storm
239946 7.5 危険 cmsnx - Automated Link Exchange Portal の linking.page.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2263 2012-06-26 16:02 2008-05-16 Show GitHub Exploit DB Packet Storm
239947 4.6 警告 afuse - afuse の expand_template 関数における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-2232 2012-06-26 16:02 2008-07-17 Show GitHub Exploit DB Packet Storm
239948 9.3 危険 cyberfolio - Cyberfolio における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2228 2012-06-26 16:02 2008-05-14 Show GitHub Exploit DB Packet Storm
239949 7.5 危険 gamecms - gameCMS Lite の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2225 2012-06-26 16:02 2008-05-14 Show GitHub Exploit DB Packet Storm
239950 7.5 危険 buyscripts - vShare YouTube Clone の group_posts.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2223 2012-06-26 16:02 2008-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297491 - apple mac_os_x
mac_os_x_server 		ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to … CWE-94
Code Injection 		CVE-2009-2809 2017-08-17 10:30 2009-09-15 Show GitHub Exploit DB Packet Storm
297492 - apple mac_os_x
mac_os_x_server 		Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potential… CWE-94
Code Injection 		CVE-2009-2811 2017-08-17 10:30 2009-09-15 Show GitHub Exploit DB Packet Storm
297493 - apple mac_os_x_server Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple Mac OS X 10.5.8 allows remote attackers to inject arbitrary web script or HTML via a search request containing data that does not … CWE-79
Cross-site Scripting 		CVE-2009-2814 2017-08-17 10:30 2009-09-15 Show GitHub Exploit DB Packet Storm
297494 - apple airport_utility AirPort Utility before 5.5.1 for Apple AirPort Base Station does not properly distribute MAC address ACLs to network extenders, which allows remote attackers to bypass intended access restrictions vi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-2822 2017-08-17 10:30 2010-04-6 Show GitHub Exploit DB Packet Storm
297495 - apple safari The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks … NVD-CWE-Other
CVE-2009-2841 2017-08-17 10:30 2009-11-14 Show GitHub Exploit DB Packet Storm
297496 - cisco ios Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka… CWE-287
Improper Authentication 		CVE-2009-2863 2017-08-17 10:30 2009-09-29 Show GitHub Exploit DB Packet Storm
297497 - cisco unified_callmanager
unified_communications_manager 		Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial… NVD-CWE-Other
CVE-2009-2864 2017-08-17 10:30 2009-09-29 Show GitHub Exploit DB Packet Storm
297498 - cisco unified_callmanager
unified_communications_manager 		An unauthenticated, remote attacker could exploit this vulnerability to cause the affected application to fail, resulting in a DoS condition. NVD-CWE-Other
CVE-2009-2864 2017-08-17 10:30 2009-09-29 Show GitHub Exploit DB Packet Storm
297499 - cisco unified_communications_manager_express
ios 		Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remo… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2009-2865 2017-08-17 10:30 2009-09-29 Show GitHub Exploit DB Packet Storm
297500 - cisco ios Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104. NVD-CWE-noinfo
CVE-2009-2866 2017-08-17 10:30 2009-09-29 Show GitHub Exploit DB Packet Storm