Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241691 7.5 危険 ASP-DEV - ASP-DEv XM Events Diary の diary_viewC.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5924 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
241692 7.5 危険 ASP-DEV - ASP-DEv XM Events Diary の default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5923 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
241693 7.5 危険 cfagcms - CFAGCMS の themes/default/index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5922 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
241694 7.5 危険 codeavalanche - CodeAvalanche Articles における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5900 2012-06-26 16:10 2009-01-12 Show GitHub Exploit DB Packet Storm
241695 7.5 危険 codeavalanche - CodeAvalanche FreeForAll における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5899 2012-06-26 16:10 2009-01-12 Show GitHub Exploit DB Packet Storm
241696 7.5 危険 codeavalanche - CodeAvalanche Directory における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5898 2012-06-26 16:10 2009-01-12 Show GitHub Exploit DB Packet Storm
241697 7.5 危険 codeavalanche - CodeAvalanche FreeWallpaper における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5897 2012-06-26 16:10 2009-01-12 Show GitHub Exploit DB Packet Storm
241698 7.5 危険 codeavalanche - CodeAvalanche RateMySite における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5896 2012-06-26 16:10 2009-01-12 Show GitHub Exploit DB Packet Storm
241699 7.5 危険 gobbl - Gobbl CMS の admin/auth.php における管理アクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-5880 2012-06-26 16:10 2009-01-8 Show GitHub Exploit DB Packet Storm
241700 4.3 警告 FastStone Soft - FastStone Image Viewer におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5870 2012-06-26 16:10 2009-01-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268101 7.8 HIGH
Local 		avast avast_free_antivirus
avast_internet_security
avast_premier
avast_pro_antivirus 		Heap-based buffer overflow in the Avast virtualization driver (aswSnx.sys) in Avast Internet Security, Pro Antivirus, Premier, and Free Antivirus before 11.1.2253 allows local users to gain privilege… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-8620 2024-11-21 11:38 2016-04-13 Show GitHub Exploit DB Packet Storm
268102 6.1 MEDIUM
Local 		huawei mate_s_firmware
p8_firmware 		The Video0 driver in Huawei P8 smartphones with software GRA-UL00 before GRA-UL00C00B350, GRA-UL10 before GRA-UL10C00B350, GRA-TL00 before GRA-TL00C01B350, GRA-CL00 before GRA-CL00C92B350, and GRA-CL… CWE-20
 Improper Input Validation  		CVE-2015-8682 2024-11-21 11:38 2016-04-13 Show GitHub Exploit DB Packet Storm
268103 7.8 HIGH
Local 		huawei p7_firmware Integer overflow in Huawei P7 phones with software before P7-L07 V100R001C01B606 allows remote attackers to gain privileges via a crafted application with the system or camera permission. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-8304 2024-11-21 11:38 2016-04-13 Show GitHub Exploit DB Packet Storm
268104 8.6 HIGH
Network 		debian
inspircd 		debian_linux
inspircd 		The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service (netsplit) via an invalid character in a PTR response, as demonstrated by a "\0… CWE-20
 Improper Input Validation  		CVE-2015-8702 2024-11-21 11:38 2016-04-12 Show GitHub Exploit DB Packet Storm
268105 5.3 MEDIUM
Network 		debian
redmine 		debian_linux
redmine 		app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote attackers to obtain sensitive information by viewing an Atom feed. CWE-200
Information Exposure 		CVE-2015-8537 2024-11-21 11:38 2016-04-12 Show GitHub Exploit DB Packet Storm
268106 7.4 HIGH
Network 		debian
redmine 		debian_linux
redmine 		Open redirect vulnerability in the valid_back_url function in app/controllers/application_controller.rb in Redmine before 2.6.7, 3.0.x before 3.0.5, and 3.1.x before 3.1.1 allows remote attackers to … NVD-CWE-Other
CVE-2015-8474 2024-11-21 11:38 2016-04-12 Show GitHub Exploit DB Packet Storm
268107 4.3 MEDIUM
Network 		debian
redmine 		debian_linux
redmine 		The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to … CWE-200
Information Exposure 		CVE-2015-8473 2024-11-21 11:38 2016-04-12 Show GitHub Exploit DB Packet Storm
268108 5.3 MEDIUM
Network 		redmine
debian 		redmine
debian_linux 		app/views/timelog/_form.html.erb in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote attackers to obtain sensitive information about subjects of issues by viewing the ti… CWE-199
 Information Management Errors 		CVE-2015-8346 2024-11-21 11:38 2016-04-12 Show GitHub Exploit DB Packet Storm
268109 5.3 MEDIUM
Network 		lenovo emc_firmware The management interface in LenovoEMC EZ Media & Backup (hm3), ix2/ix2-dl, ix4-300d, px12-400r/450r, px6-300d, px2-300d, px4-300r, px4-400d, px4-400r, and px4-300d NAS devices with firmware before 4.… CWE-254
 7PK - Security Features 		CVE-2015-8108 2024-11-21 11:38 2016-04-12 Show GitHub Exploit DB Packet Storm
268110 7.3 HIGH
Network 		claws-mail
opensuse 		claws-mail
leap
opensuse 		Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) conv_euctojis, and (3) conv_sjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecifie… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-8614 2024-11-21 11:38 2016-04-12 Show GitHub Exploit DB Packet Storm