Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241751	5	警告	flagship industries	-	Flagship Industries Ventrilo の decryption 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-3680	2012-06-26 16:02	2008-08-14	Show	GitHub Exploit DB Packet Storm

241752	4.3	警告	damian hickey	-	Freeway の admin/search_links.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3678	2012-06-26 16:02	2008-08-14	Show	GitHub Exploit DB Packet Storm

241753	5	警告	gelatocms	-	Gelato の classes/imgsize.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-3675	2012-06-26 16:02	2008-08-14	Show	GitHub Exploit DB Packet Storm

241754	5	警告	Linux Acronis International GmbH	-	Acronis True Image Echo Server における重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2008-3671	2012-06-26 16:02	2008-08-13	Show	GitHub Exploit DB Packet Storm

241755	6.8	警告	articlefriendly	-	Article Friendly Pro の authordetail.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3670	2012-06-26 16:02	2008-08-13	Show	GitHub Exploit DB Packet Storm

241756	5	警告	Bharat Mediratta	-	Gallery におけるクッキーをキャプチャされる脆弱性	CWE-310 暗号の問題	CVE-2008-3662	2012-06-26 16:02	2008-09-18	Show	GitHub Exploit DB Packet Storm

241757	6.8	警告	articlefriendly	-	Article Friendly Standard の categorydetail.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3649	2012-06-26 16:02	2008-08-12	Show	GitHub Exploit DB Packet Storm

241758	8.5	危険	21degrees	-	Twentyone Degrees Symphony の File Manager における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2008-3592	2012-06-26 16:02	2008-08-11	Show	GitHub Exploit DB Packet Storm

241759	7.5	危険	21degrees	-	212cafeBoard の lib/class.admin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3591	2012-06-26 16:02	2008-08-11	Show	GitHub Exploit DB Packet Storm

241760	7.5	危険	egi zaberl	-	E. Z. Poll の admin/login.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3590	2012-06-26 16:02	2008-08-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267711	-	token_insert_entity_project	token_insert_entity	The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote authenticated users with certain permissions to bypass intended access restri…	CWE-200 Information Exposure	CVE-2015-8602	2024-11-21 11:38	2015-12-18	Show	GitHub Exploit DB Packet Storm

267712	-	chat_room_project	chat_room	The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when setting up a websocket for chat messages, which allows remote attackers to bypass intended access restr…	CWE-200 Information Exposure	CVE-2015-8601	2024-11-21 11:38	2015-12-18	Show	GitHub Exploit DB Packet Storm

267713	-	sap	mobile_platform	The SysAdminWebTool servlets in SAP Mobile Platform allow remote attackers to bypass authentication and obtain sensitive information, gain privileges, or have unspecified other impact via unknown vec…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-8600	2024-11-21 11:38	2015-12-18	Show	GitHub Exploit DB Packet Storm

267714	-	cacti	cacti	SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to gr…	CWE-89 SQL Injection	CVE-2015-8369	2024-11-21 11:38	2015-12-18	Show	GitHub Exploit DB Packet Storm

267715	-	ntop	ntopng	ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.	CWE-254 7PK - Security Features	CVE-2015-8368	2024-11-21 11:38	2015-12-18	Show	GitHub Exploit DB Packet Storm

267716	-	xen	xen	The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allow…	CWE-399 Resource Management Errors	CVE-2015-8341	2024-11-21 11:38	2015-12-18	Show	GitHub Exploit DB Packet Storm

267717	-	xen	xen	The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host cr…	CWE-17 Code	CVE-2015-8340	2024-11-21 11:38	2015-12-18	Show	GitHub Exploit DB Packet Storm

267718	-	xen	xen	The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host …	CWE-19 Data Processing Errors	CVE-2015-8339	2024-11-21 11:38	2015-12-18	Show	GitHub Exploit DB Packet Storm

267719	-	xen	xen	Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_me…	CWE-254 7PK - Security Features	CVE-2015-8338	2024-11-21 11:38	2015-12-18	Show	GitHub Exploit DB Packet Storm

267720	-	redhat linuxfoundation canonical debian	enterprise_linux_server_eus enterprise_linux_hpc_node enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation foomatic-filters ubuntu_linux cups-filters …	Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` …	NVD-CWE-Other	CVE-2015-8327	2024-11-21 11:38	2015-12-18	Show	GitHub Exploit DB Packet Storm