Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241531	7.5	危険	codefixer	-	LinksPro Standard Edition の Default.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0431	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

241532	4.3	警告	Activewebsoftwares	-	Active Bids におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0430	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

241533	7.5	危険	Activewebsoftwares	-	Active Bids における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0429	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

241534	7.5	危険	DMXReady	-	DMXReady Secure Document Library の CategoryManager/upload_image_category.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0428	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

241535	7.5	危険	DMXReady	-	DMXReady Member Directory Manager の CategoryManager/upload_image_category.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0427	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

241536	7.5	危険	DMXReady	-	DMXReady Classified Listings Manager の CategoryManager/upload_image_category.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0426	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

241537	7.5	危険	blue eye cms	-	Blue Eye CMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0425	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

241538	4.3	警告	an guestbook	-	AN Guestbook (ANG) の sign1.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0424	2012-06-26 16:10	2009-02-4	Show	GitHub Exploit DB Packet Storm

241539	4.3	警告	agavi	-	Agavi の AgaviWebRouting::gen(null) メソッドにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-0417	2012-06-26 16:10	2009-02-10	Show	GitHub Exploit DB Packet Storm

241540	7.5	危険	community cms	-	Community CMS の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-0406	2012-06-26 16:10	2009-02-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267021	6.0	MEDIUM Local	xen citrix	xen xenserver	Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kern…	CWE-20 Improper Input Validation	CVE-2016-10024	2024-11-21 11:43	2017-01-27	Show	GitHub Exploit DB Packet Storm

267022	7.8	HIGH Local	xen	xen	Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-10013	2024-11-21 11:43	2017-01-27	Show	GitHub Exploit DB Packet Storm

267023	7.5	HIGH Network	php	php	The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application c…	CWE-476 NULL Pointer Dereference	CVE-2016-10162	2024-11-21 11:43	2017-01-25	Show	GitHub Exploit DB Packet Storm

267024	7.5	HIGH Network	php	php	The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (buffer over-read…	CWE-125 Out-of-bounds Read	CVE-2016-10161	2024-11-21 11:43	2017-01-25	Show	GitHub Exploit DB Packet Storm

267025	9.8	CRITICAL Network	php netapp debian	php clustered_data_ontap debian_linux	Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possib…	CWE-193 Off-by-one Error	CVE-2016-10160	2024-11-21 11:43	2017-01-25	Show	GitHub Exploit DB Packet Storm

267026	7.5	HIGH Network	php debian	php debian_linux	Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or applic…	CWE-190 Integer Overflow or Wraparound	CVE-2016-10159	2024-11-21 11:43	2017-01-25	Show	GitHub Exploit DB Packet Storm

267027	7.5	HIGH Network	php	php	The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via …	CWE-189 Numeric Errors	CVE-2016-10158	2024-11-21 11:43	2017-01-25	Show	GitHub Exploit DB Packet Storm

267028	9.8	CRITICAL Network	akamai	netsession	Akamai NetSession 1.9.3.1 is vulnerable to DLL Hijacking: it tries to load CSUNSAPI.dll without supplying the complete path. The issue is aggravated because the mentioned DLL is missing from the inst…	CWE-94 Code Injection	CVE-2016-10157	2024-11-21 11:43	2017-01-23	Show	GitHub Exploit DB Packet Storm

267029	7.8	HIGH Local	systemd_project	systemd	A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. Th…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-10156	2024-11-21 11:43	2017-01-23	Show	GitHub Exploit DB Packet Storm

267030	5.9	MEDIUM Network	hiteksoftware	automize	Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP…	CWE-326 Inadequate Encryption Strength	CVE-2016-10104	2024-11-21 11:43	2017-01-23	Show	GitHub Exploit DB Packet Storm