Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 2:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241701 5.1 警告 constructr - Constructr CMS の backend/template.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5860 2012-06-26 16:10 2009-01-6 Show GitHub Exploit DB Packet Storm
241702 5.1 警告 constructr - Constructr CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5859 2012-06-26 16:10 2009-01-6 Show GitHub Exploit DB Packet Storm
241703 5 警告 class - ClaSS の scripts/export.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5856 2012-06-26 16:10 2009-01-6 Show GitHub Exploit DB Packet Storm
241704 5 警告 chicomas - Chilek Content Management System におけるデータベースのバックアップを読み取られる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5853 2012-06-26 16:10 2009-01-6 Show GitHub Exploit DB Packet Storm
241705 5 警告 emefa - Emefa Guestbook におけるデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5852 2012-06-26 16:10 2009-01-6 Show GitHub Exploit DB Packet Storm
241706 10 危険 アドバンテック株式会社 - Advantech ADAM-6000 モジュールにおける HTTP セッションを取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-5848 2012-06-26 16:10 2009-01-6 Show GitHub Exploit DB Packet Storm
241707 2.6 注意 constructr - Constructr CMS における重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-5847 2012-06-26 16:10 2009-01-5 Show GitHub Exploit DB Packet Storm
241708 4.3 警告 fujitsu-siemens - Fujitsu-Siemens WebTrasactions におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5842 2012-06-26 16:10 2009-01-5 Show GitHub Exploit DB Packet Storm
241709 9.3 危険 foxmail - Foxmail におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5839 2012-06-26 16:10 2009-01-5 Show GitHub Exploit DB Packet Storm
241710 7.5 危険 ephpscripts - E-Php Scripts E-Shop Shopping Cart Script における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5838 2012-06-26 16:10 2009-01-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268091 7.5 HIGH
Local 		xen xen Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional (aka qemu-dm) device model, allows local x86 HVM guest administrators to gain privileges by leveraging a s… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-8554 2024-11-21 11:38 2016-04-14 Show GitHub Exploit DB Packet Storm
268092 8.2 HIGH
Local 		xen
novell 		xen
suse_linux_enterprise_real_time_extension 		Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend… CWE-284
Improper Access Control 		CVE-2015-8550 2024-11-21 11:38 2016-04-14 Show GitHub Exploit DB Packet Storm
268093 8.8 HIGH
Network 		redhat
libpng
fedoraproject
debian 		enterprise_linux_desktop_supplementary
enterprise_linux_server_supplementary
enterprise_linux_hpc_node
enterprise_linux_workstation_supplementary
libpng
fedora
debian_linux 		Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.… CWE-189
Numeric Errors 		CVE-2015-8540 2024-11-21 11:38 2016-04-14 Show GitHub Exploit DB Packet Storm
268094 5.5 MEDIUM
Local 		libtiff
debian 		libtiff
debian_linux 		The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-8683 2024-11-21 11:38 2016-04-14 Show GitHub Exploit DB Packet Storm
268095 5.5 MEDIUM
Local 		libtiff libtiff tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-8665 2024-11-21 11:38 2016-04-14 Show GitHub Exploit DB Packet Storm
268096 6.1 MEDIUM
Network 		silverstripe silverstripe Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework before 3.1.16 and 3.2.x before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Loca… CWE-79
Cross-site Scripting 		CVE-2015-8606 2024-11-21 11:38 2016-04-14 Show GitHub Exploit DB Packet Storm
268097 8.6 HIGH
Network 		citrix
xen 		xenserver
xen 		Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains … CWE-200
Information Exposure 		CVE-2015-8555 2024-11-21 11:38 2016-04-14 Show GitHub Exploit DB Packet Storm
268098 6.5 MEDIUM
Local 		xen
redhat 		xen
enterprise_linux 		Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists … CWE-200
Information Exposure 		CVE-2015-8553 2024-11-21 11:38 2016-04-14 Show GitHub Exploit DB Packet Storm
268099 4.4 MEDIUM
Local 		xen
canonical
debian
novell 		xen
ubuntu_linux
debian_linux
suse_linux_enterprise_debuginfo
suse_linux_enterprise_real_time_extension 		The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messag… CWE-20
 Improper Input Validation  		CVE-2015-8552 2024-11-21 11:38 2016-04-14 Show GitHub Exploit DB Packet Storm
268100 6.0 MEDIUM
Local 		linux
debian
suse
opensuse 		linux_kernel
debian_linux
linux_enterprise_server
linux_enterprise_desktop
linux_enterprise_software_development_kit
linux_enterprise_real_time_extension
linux_enterprise_workstatio… 		The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of se… CWE-476
 NULL Pointer Dereference 		CVE-2015-8551 2024-11-21 11:38 2016-04-14 Show GitHub Exploit DB Packet Storm