Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 20, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240811 6.4 警告 minimal design - minimal Gallery の _mg/php/mg_thumbs.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0259 2012-09-25 16:59 2008-01-15 Show GitHub Exploit DB Packet Storm
240812 4.3 警告 php running management - phpRunMan の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0258 2012-09-25 16:59 2008-01-15 Show GitHub Exploit DB Packet Storm
240813 7.5 危険 matteo binda - Matteo Binda ASP Photo Gallery における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0256 2012-09-25 16:59 2008-01-15 Show GitHub Exploit DB Packet Storm
240814 7.5 危険 igamingcms - iGaming の archive.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0255 2012-09-25 16:59 2008-01-15 Show GitHub Exploit DB Packet Storm
240815 10 危険 photopost - PhotoPost vBGallery における任意のファイルをアップロードされる脆弱性 CWE-20
CWE-94
CVE-2008-0251 2012-09-25 16:59 2008-01-11 Show GitHub Exploit DB Packet Storm
240816 9.3 危険 マイクロソフト - Microsoft Visual InterDev 6.0 におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0250 2012-09-25 16:59 2008-01-11 Show GitHub Exploit DB Packet Storm
240817 10 危険 IBM - IBM TSM Express におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0247 2012-09-25 16:59 2008-01-11 Show GitHub Exploit DB Packet Storm
240818 6.8 警告 マイクロソフト - Microsoft Rich Textbox ActiveX Control における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0237 2012-09-25 16:59 2008-01-10 Show GitHub Exploit DB Packet Storm
240819 5.8 警告 マイクロソフト - Microsoft Visual FoxPro の ActiveX コントロールにおける任意のコマンドを実行される脆弱性 CWE-DesignError
CVE-2008-0236 2012-09-25 16:59 2008-01-10 Show GitHub Exploit DB Packet Storm
240820 10 危険 マイクロソフト - Microsoft VFP_OLE_Server ActiveX コントロールにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0235 2012-09-25 16:59 2008-01-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
269631 7.8 HIGH
Local 		nvidia shield_tablet_firmware
shield_tablet_tk1_firmware
shield_tv_firmware
video_driver 		Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-6915 2024-11-21 11:57 2017-04-25 Show GitHub Exploit DB Packet Storm
269632 7.8 HIGH
Local 		nvidia shield_tablet_firmware
shield_tablet_tk1_firmware
shield_tv_firmware
video_driver 		Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-6917 2024-11-21 11:57 2017-04-25 Show GitHub Exploit DB Packet Storm
269633 7.8 HIGH
Local 		nvidia shield_tablet_firmware
shield_tablet_tk1_firmware
shield_tv_firmware
video_driver 		Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denia… CWE-190
 Integer Overflow or Wraparound 		CVE-2016-6916 2024-11-21 11:57 2017-04-25 Show GitHub Exploit DB Packet Storm
269634 9.9 CRITICAL
Network 		lshell_project lshell lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-6903 2024-11-21 11:57 2017-04-25 Show GitHub Exploit DB Packet Storm
269635 9.9 CRITICAL
Network 		lshell_project lshell lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-6902 2024-11-21 11:57 2017-04-25 Show GitHub Exploit DB Packet Storm
269636 4.6 MEDIUM
Physics 		redhat quickstart_cloud_installer The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does not mask passwords fields, which allows physically proximate attackers to obtain sensitive password information by reading the d… CWE-200
Information Exposure 		CVE-2016-7060 2024-11-21 11:57 2017-04-15 Show GitHub Exploit DB Packet Storm
269637 8.6 HIGH
Network 		fasterxml jackson-dataformat-xml XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via ve… CWE-611
CWE-918
XXE
Server-Side Request Forgery (SSRF)  		CVE-2016-7051 2024-11-21 11:57 2017-04-15 Show GitHub Exploit DB Packet Storm
269638 7.0 HIGH
Local 		todd_miller sudo sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function. CWE-284
Improper Access Control 		CVE-2016-7032 2024-11-21 11:57 2017-04-15 Show GitHub Exploit DB Packet Storm
269639 7.5 HIGH
Network 		botan_project botan The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value. CWE-320
 Key Management Errors 		CVE-2016-6879 2024-11-21 11:57 2017-04-11 Show GitHub Exploit DB Packet Storm
269640 9.8 CRITICAL
Network 		botan_project botan The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstra… CWE-20
 Improper Input Validation  		CVE-2016-6878 2024-11-21 11:57 2017-04-11 Show GitHub Exploit DB Packet Storm