Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
239961	5	警告	idmos	-	IDMOS の administrator/download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0431	2012-09-25 16:59	2008-01-23	Show	GitHub Exploit DB Packet Storm

239962	4.3	警告	pacercms	-	PacerCMS の submit.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0426	2012-09-25 16:59	2008-01-23	Show	GitHub Exploit DB Packet Storm

239963	4.3	警告	novemberborn	-	Novemberborn sIFR のフォント再レンダリング機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0438	2012-09-25 16:59	2007-07-4	Show	GitHub Exploit DB Packet Storm

239964	7.5	危険	mooseguy blog system	-	MGBS の blog.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0424	2012-09-25 16:59	2008-01-23	Show	GitHub Exploit DB Packet Storm

239965	6.8	警告	lama	-	Lama Software における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-0423	2012-09-25 16:59	2008-01-23	Show	GitHub Exploit DB Packet Storm

239966	7.5	危険	Invision Power Services, Inc	-	Invision Gallery における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0421	2012-09-25 16:59	2008-01-23	Show	GitHub Exploit DB Packet Storm

239967	5	警告	Rejetto	-	HFS における設定および利用状況を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-0410	2012-09-25 16:59	2008-01-28	Show	GitHub Exploit DB Packet Storm

239968	4.3	警告	Rejetto	-	HFS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0409	2012-09-25 16:59	2008-01-28	Show	GitHub Exploit DB Packet Storm

239969	6.4	警告	Rejetto	-	HFS におけるログファイルに任意のテキストを追加される脆弱性	CWE-287 不適切な認証	CVE-2008-0408	2012-09-25 16:59	2008-01-28	Show	GitHub Exploit DB Packet Storm

239970	5	警告	Rejetto	-	HFS におけるリモートリクエスト発行元の特定を困難にする脆弱性	CWE-287 不適切な認証	CVE-2008-0407	2012-09-25 16:59	2008-01-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
284861	-	checkmarx	cxsast	Checkmarx CxSAST (formerly CxSuite) before 7.1.8 allows remote authenticated users to bypass the CxQL sandbox protection mechanism and execute arbitrary C# code by asserting the (1) System.Security.P…	CWE-94 Code Injection	CVE-2014-8778	2024-11-21 11:19	2015-09-17	Show	GitHub Exploit DB Packet Storm

284862	-	polarssl	polarssl	Memory leak in PolarSSL before 1.2.12 and 1.3.x before 1.3.9 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted X.509 certificates. NOTE: this id…	CWE-399 Resource Management Errors	CVE-2014-8628	2024-11-21 11:19	2015-08-25	Show	GitHub Exploit DB Packet Storm

284863	-	ibm	db2	IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary text files via a crafted XML/XSLT func…	CWE-74 Injection	CVE-2014-8910	2024-11-21 11:19	2015-07-20	Show	GitHub Exploit DB Packet Storm

284864	-	adobe	acrobat acrobat_dc acrobat_reader acrobat_reader_dc	Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 o…	CWE-200 Information Exposure	CVE-2014-8450	2024-11-21 11:19	2015-07-15	Show	GitHub Exploit DB Packet Storm

284865	-	xcloner	xcloner	The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides the MySQL username and password on the command line, which allows local users to obtain sensitive information via the ps command.	CWE-200 Information Exposure	CVE-2014-8607	2024-11-21 11:19	2015-06-11	Show	GitHub Exploit DB Packet Storm

284866	-	xcloner	xcloner	Directory traversal vulnerability in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote administrators to read arbitrary files via a .. (dot dot) in the file parameter in a js…	CWE-22 Path Traversal	CVE-2014-8606	2024-11-21 11:19	2015-06-11	Show	GitHub Exploit DB Packet Storm

284867	-	xcloner	xcloner	The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! stores database backup files with predictable names under the web root with insufficient access control, which allows remote attackers to …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-8605	2024-11-21 11:19	2015-06-11	Show	GitHub Exploit DB Packet Storm

284868	-	xcloner	xcloner	The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! returns the MySQL password in cleartext to a text box in the configuration panel, which allows remote attackers to obtain sensitive inform…	CWE-200 Information Exposure	CVE-2014-8604	2024-11-21 11:19	2015-06-11	Show	GitHub Exploit DB Packet Storm

284869	-	xcloner	xcloner	cloner.functions.php in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote administrators to execute arbitrary code via shell metacharacters in the (1) file name when creating…	CWE-20 Improper Input Validation	CVE-2014-8603	2024-11-21 11:19	2015-06-11	Show	GitHub Exploit DB Packet Storm

284870	-	ibm	marketing_operations	IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arb…	CWE-20 Improper Input Validation	CVE-2014-8887	2024-11-21 11:19	2015-06-8	Show	GitHub Exploit DB Packet Storm