Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240041 4.3 警告 carboncommunities - Carbon Communities におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1896 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
240042 7.5 危険 carboncommunities - Carbon Communities における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1895 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
240043 4.3 警告 ビジネスオブジェクツ - BusinessObjects InfoView の desktoplaunch/InfoView/logon/logon.object におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1894 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
240044 4.3 警告 blogator-script - Blogator-script の bs_auth.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1892 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
240045 7.5 危険 azrul
Joomla!		 - Joomla! 用のJom Comment コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1890 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
240046 7.5 危険 cdnetworks - CDNetworks Nefficient Download の NeffyLauncher ActiveX コントロールにおける保護メカニズムを回避される脆弱性 CWE-310
暗号の問題 		CVE-2008-1886 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
240047 6.8 警告 cdnetworks - CDNetworks Nefficient Download の NeffyLauncher ActiveX コントロールにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1885 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
240048 6.8 警告 Blackboard, Inc. - Blackboard Academic Suite のサーバにおけるアカウントにアクセスされる脆弱性 CWE-287
不適切な認証 		CVE-2008-1883 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
240049 5 警告 Firebird Project
Gentoo Linux		 - Gentoo Linux 上の Firebird のデフォルト設定における重要なデータベース情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-1880 2012-06-26 16:02 2008-05-12 Show GitHub Exploit DB Packet Storm
240050 2.1 注意 Debian - tss における任意のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-1877 2012-06-26 16:02 2008-04-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
256871 - symantec norton_antivirus NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded exte… NVD-CWE-Other
CVE-2002-1777 2024-08-8 13:16 2002-12-31 Show GitHub Exploit DB Packet Storm
256872 9.8 CRITICAL
Network 		- - The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to authentication bypass in versions 1.1.6 to 1.1.7. This is due to the plugin n… - CVE-2024-7350 2024-08-8 12:15 2024-08-8 Show GitHub Exploit DB Packet Storm
256873 - apache http_server The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated … NVD-CWE-Other
CVE-2003-1307 2024-08-8 12:15 2003-12-31 Show GitHub Exploit DB Packet Storm
256874 8.8 HIGH
Network 		- - The The Next theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the wpeden_post_meta post meta value. Th… - CVE-2024-7561 2024-08-8 11:15 2024-08-8 Show GitHub Exploit DB Packet Storm
256875 7.2 HIGH
Network 		- - The News Flash theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the newsflash_post_meta meta value. Th… - CVE-2024-7560 2024-08-8 11:15 2024-08-8 Show GitHub Exploit DB Packet Storm
256876 8.8 HIGH
Network 		- - The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.0 via deserialization of untrusted input through the 'wpeden_post_meta' post meta.… - CVE-2024-7486 2024-08-8 11:15 2024-08-8 Show GitHub Exploit DB Packet Storm
256877 8.5 HIGH
Network 		- - An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-38206 2024-08-8 11:15 2024-08-7 Show GitHub Exploit DB Packet Storm
256878 8.2 HIGH
Network 		- - An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link. CWE-79
Cross-site Scripting 		CVE-2024-38166 2024-08-8 11:15 2024-08-7 Show GitHub Exploit DB Packet Storm
256879 - - - Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when… NVD-CWE-Other
CVE-2004-2238 2024-08-8 11:15 2004-12-31 Show GitHub Exploit DB Packet Storm
256880 - gnu less Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings … NVD-CWE-Other
CVE-2004-2264 2024-08-8 11:15 2004-12-31 Show GitHub Exploit DB Packet Storm