Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241091 7.5 危険 beaussier - RoomPHPlanning の Login.php における管理アクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2009-4671 2012-06-26 16:19 2010-03-5 Show GitHub Exploit DB Packet Storm
241092 7.5 危険 beaussier - RoomPHPlanning の admin/delitem.php における任意のルームを削除される脆弱性 CWE-287
不適切な認証 		CVE-2009-4670 2012-06-26 16:19 2010-03-5 Show GitHub Exploit DB Packet Storm
241093 7.5 危険 beaussier - RoomPHPlanning における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4669 2012-06-26 16:19 2010-03-5 Show GitHub Exploit DB Packet Storm
241094 9.3 危険 JetAudio - jetAudio の JetCast.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4668 2012-06-26 16:19 2010-03-5 Show GitHub Exploit DB Packet Storm
241095 5 警告 CuteSoft Components - ASP.NET 用の CuteSoft Components Cute Editor におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4665 2012-06-26 16:19 2010-03-5 Show GitHub Exploit DB Packet Storm
241096 3.3 注意 Linux
fwbuilder		 - Firewall Builder における権限を取得される脆弱性 CWE-59
リンク解釈の問題 		CVE-2009-4664 2012-06-26 16:19 2010-03-3 Show GitHub Exploit DB Packet Storm
241097 4.3 警告 BigAntSoft - BigAnt Server におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4661 2012-06-26 16:19 2010-03-3 Show GitHub Exploit DB Packet Storm
241098 10 危険 BigAntSoft - BigAnt IM Server の AntServer モジュール (AntServer.exe) におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4660 2012-06-26 16:19 2010-03-3 Show GitHub Exploit DB Packet Storm
241099 9.3 危険 e-soft.co - E-Soft DJ Studio Pro におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4656 2012-06-26 16:19 2010-03-3 Show GitHub Exploit DB Packet Storm
241100 4.3 警告 geccbblite - geccBBlite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4649 2012-06-26 16:19 2010-02-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267211 7.5 HIGH
Network 		mb.miniaudioplayer_project mb.miniaudioplayer WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple vulnerabilities, including open proxy and security bypass vulnerabilities because it fails to properl… CWE-610
Externally Controlled Reference to a Resource in Another Sphere 		CVE-2016-0796 2024-11-21 11:42 2022-07-29 Show GitHub Exploit DB Packet Storm
267212 5.3 MEDIUM
Network 		twistedmatrix twisted Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PR… CWE-425
 Direct Request ('Forced Browsing') 		CVE-2016-1000111 2024-11-21 11:42 2020-03-12 Show GitHub Exploit DB Packet Storm
267213 5.3 MEDIUM
Network 		facebook hhvm HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment v… CWE-665
 Improper Initialization 		CVE-2016-1000109 2024-11-21 11:42 2020-02-19 Show GitHub Exploit DB Packet Storm
267214 9.8 CRITICAL
Network 		facebook hhvm mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. This issue affects HHVM versions prior to 3.9… CWE-843
Type Confusion 		CVE-2016-1000005 2024-11-21 11:42 2020-02-19 Show GitHub Exploit DB Packet Storm
267215 9.8 CRITICAL
Network 		facebook hhvm Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode and simplexml_import_dom. This issue affects HHVM versions prior to 3.9.5, all versions between 3.10.… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2016-1000004 2024-11-21 11:42 2020-02-19 Show GitHub Exploit DB Packet Storm
267216 9.8 CRITICAL
Network 		vmware spring_framework Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented with… CWE-502
 Deserialization of Untrusted Data 		CVE-2016-1000027 2024-11-21 11:42 2020-01-3 Show GitHub Exploit DB Packet Storm
267217 4.8 MEDIUM
Network 		tenable nessus Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269). CWE-79
Cross-site Scripting 		CVE-2016-1000029 2024-11-21 11:42 2019-12-28 Show GitHub Exploit DB Packet Storm
267218 4.8 MEDIUM
Network 		tenable nessus Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198). CWE-79
Cross-site Scripting 		CVE-2016-1000028 2024-11-21 11:42 2019-12-28 Show GitHub Exploit DB Packet Storm
267219 6.1 MEDIUM
Network 		erlang erlang\/otp inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable… CWE-601
Open Redirect 		CVE-2016-1000107 2024-11-21 11:42 2019-12-11 Show GitHub Exploit DB Packet Storm
267220 6.1 MEDIUM
Network 		yaws
debian 		yaws
debian_linux 		yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY … CWE-601
Open Redirect 		CVE-2016-1000108 2024-11-21 11:42 2019-12-11 Show GitHub Exploit DB Packet Storm