Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241741	7.5	危険	gnudip	-	GnuDIP の cgi-bin/gnudip.cgi における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4720	2012-06-26 16:19	2010-03-18	Show	GitHub Exploit DB Packet Storm

241742	7.5	危険	bob jewell	-	Discloser の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4719	2012-06-26 16:19	2010-03-18	Show	GitHub Exploit DB Packet Storm

241743	7.5	危険	gonafish	-	Gonafish WebStatCaffe における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4718	2012-06-26 16:19	2010-03-15	Show	GitHub Exploit DB Packet Storm

241744	4.3	警告	gonafish	-	Gonafish WebStatCaffe におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4717	2012-06-26 16:19	2010-03-15	Show	GitHub Exploit DB Packet Storm

241745	4.3	警告	edgephp	-	EDGEPHP EZWebSearch の results.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4716	2012-06-26 16:19	2010-03-15	Show	GitHub Exploit DB Packet Storm

241746	4.3	警告	alexandre amaral	-	XOOPS Celepar の quiz モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4714	2012-06-26 16:19	2010-03-15	Show	GitHub Exploit DB Packet Storm

241747	4.3	警告	alexandre amaral	-	XOOPS Celepar の Qas モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4713	2012-06-26 16:19	2010-03-15	Show	GitHub Exploit DB Packet Storm

241748	7.5	危険	dirk maiwert TYPO3 Association	-	TYPO3 の datamints_newsticker 拡張における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4709	2012-06-26 16:19	2010-03-15	Show	GitHub Exploit DB Packet Storm

241749	7.5	危険	alexandre amaral	-	XOOPS Celepar の Qas モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4698	2012-06-26 16:19	2010-03-15	Show	GitHub Exploit DB Packet Storm

241750	7.5	危険	grafxsoftware	-	GraFX MiniCWB における PHP リモートファイルインクルーションの脆弱性	CWE-94 コード・インジェクション	CVE-2009-4693	2012-06-26 16:19	2010-03-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
268651	4.8	MEDIUM Network	tenable	nessus	Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269).	CWE-79 Cross-site Scripting	CVE-2016-1000029	2024-11-21 11:42	2019-12-28	Show	GitHub Exploit DB Packet Storm

268652	4.8	MEDIUM Network	tenable	nessus	Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198).	CWE-79 Cross-site Scripting	CVE-2016-1000028	2024-11-21 11:42	2019-12-28	Show	GitHub Exploit DB Packet Storm

268653	6.1	MEDIUM Network	erlang	erlang\/otp	inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable…	CWE-601 Open Redirect	CVE-2016-1000107	2024-11-21 11:42	2019-12-11	Show	GitHub Exploit DB Packet Storm

268654	6.1	MEDIUM Network	yaws debian	yaws debian_linux	yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY …	CWE-601 Open Redirect	CVE-2016-1000108	2024-11-21 11:42	2019-12-11	Show	GitHub Exploit DB Packet Storm

268655	8.8	HIGH Network	apache opensuse	mod_fcgid leap opensuse	A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07.	CWE-20 Improper Input Validation	CVE-2016-1000104	2024-11-21 11:42	2019-12-4	Show	GitHub Exploit DB Packet Storm

268656	6.1	MEDIUM Network	python debian fedoraproject	python debian_linux fedora	The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests.	CWE-601 Open Redirect	CVE-2016-1000110	2024-11-21 11:42	2019-11-28	Show	GitHub Exploit DB Packet Storm

268657	9.8	CRITICAL Network	facebook	hhvm	hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.	CWE-416 Use After Free	CVE-2016-1000006	2024-11-21 11:42	2019-11-20	Show	GitHub Exploit DB Packet Storm

268658	6.1	MEDIUM Network	redhat fedoraproject	pagure fedora enterprise_linux	Pagure: XSS possible in file attachment endpoint	CWE-79 Cross-site Scripting	CVE-2016-1000037	2024-11-21 11:42	2019-11-7	Show	GitHub Exploit DB Packet Storm

268659	2.4	LOW Physics	gnome redhat debian opensuse	gnome_display_manager enterprise_linux debian_linux leap	gdm3 3.14.2 and possibly later has an information leak before screen lock	CWE-200 Information Exposure	CVE-2016-1000002	2024-11-21 11:42	2019-11-5	Show	GitHub Exploit DB Packet Storm

268660	5.9	MEDIUM Network	pivotal_software	cloud_foundry_elastic_runtime	Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigatio…	CWE-200 Information Exposure	CVE-2016-0715	2024-11-21 11:42	2018-09-12	Show	GitHub Exploit DB Packet Storm