Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241801 5 警告 AOL - AOLserver におけるファイルを上書きされる脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4494 2012-06-26 16:19 2010-01-13 Show GitHub Exploit DB Packet Storm
241802 5 警告 ACME Laboratories - thttpd におけるファイルを上書きされる脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4491 2012-06-26 16:19 2010-01-13 Show GitHub Exploit DB Packet Storm
241803 5 警告 ACME Laboratories - mini_httpd におけるファイルを上書きされる脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4490 2012-06-26 16:19 2010-01-13 Show GitHub Exploit DB Packet Storm
241804 5 警告 Cherokee Project - Cherokee の header.c におけるウィンドウのタイトルを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4489 2012-06-26 16:19 2010-01-13 Show GitHub Exploit DB Packet Storm
241805 4.3 警告 bloofox - BloofoxCMS の search.5.html におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4522 2012-06-26 16:19 2009-12-31 Show GitHub Exploit DB Packet Storm
241806 4.3 警告 Eclipse Foundation - BIRT の birt-viewer/run におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4521 2012-06-26 16:19 2009-12-17 Show GitHub Exploit DB Packet Storm
241807 3.5 注意 Drupal
astha bhatnagar		 - Drupal のモジュールの OpenSocial Shindig-Integrator モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4514 2012-06-26 16:19 2009-12-31 Show GitHub Exploit DB Packet Storm
241808 9.3 危険 AzeoTech, Inc. - AzeoTech DAQFactory の Web サービスにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4480 2012-06-26 16:19 2009-12-30 Show GitHub Exploit DB Packet Storm
241809 4.3 警告 Episerver - Ektron CMS400.NET におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4473 2012-06-26 16:19 2009-12-30 Show GitHub Exploit DB Packet Storm
241810 7.5 危険 freeschool - FreeSchool における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4471 2012-06-26 16:18 2009-12-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268621 5.3 MEDIUM
Network 		borg_project borg Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives. CWE-310
Cryptographic Issues 		CVE-2016-10099 2024-11-21 11:43 2017-01-3 Show GitHub Exploit DB Packet Storm
268622 7.5 HIGH
Network 		forgerock openam XML External Entity (XXE) Vulnerability in /SSOPOST/metaAlias/%realm%/idpv2 in OpenAM - Access Management 10.1.0 allows remote attackers to read arbitrary files via the SAMLRequest parameter. CWE-611
XXE 		CVE-2016-10097 2024-11-21 11:43 2017-01-2 Show GitHub Exploit DB Packet Storm
268623 7.3 HIGH
Network 		genixcms genixcms SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter. CWE-89
SQL Injection 		CVE-2016-10096 2024-11-21 11:43 2017-01-2 Show GitHub Exploit DB Packet Storm
268624 9.8 CRITICAL
Network 		swiftmailer swiftmailer The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code v… CWE-77
Command Injection 		CVE-2016-10074 2024-11-21 11:43 2016-12-31 Show GitHub Exploit DB Packet Storm
268625 9.8 CRITICAL
Network 		phpmailer_project
wordpress
joomla 		phpmailer
wordpress
joomla\! 		The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction be… CWE-77
Command Injection 		CVE-2016-10045 2024-11-21 11:43 2016-12-31 Show GitHub Exploit DB Packet Storm
268626 9.8 CRITICAL
Network 		zend zend_framework
zend-mail 		The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extr… CWE-77
Command Injection 		CVE-2016-10034 2024-11-21 11:43 2016-12-31 Show GitHub Exploit DB Packet Storm
268627 7.0 HIGH
Local 		linux linux_kernel The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitra… CWE-416
 Use After Free 		CVE-2016-10088 2024-11-21 11:43 2016-12-31 Show GitHub Exploit DB Packet Storm
268628 7.2 HIGH
Network 		piwigo piwigo admin/languages.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the tab parameter. CWE-284
Improper Access Control 		CVE-2016-10085 2024-11-21 11:43 2016-12-30 Show GitHub Exploit DB Packet Storm
268629 7.2 HIGH
Network 		piwigo piwigo admin/batch_manager.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the $page['tab'] variable (aka the mode parameter). CWE-284
Improper Access Control 		CVE-2016-10084 2024-11-21 11:43 2016-12-30 Show GitHub Exploit DB Packet Storm
268630 6.1 MEDIUM
Network 		piwigo piwigo Cross-site scripting (XSS) vulnerability in admin/plugin.php in Piwigo through 2.8.3 allows remote attackers to inject arbitrary web script or HTML via a crafted filename that is mishandled in a cert… CWE-79
Cross-site Scripting 		CVE-2016-10083 2024-11-21 11:43 2016-12-30 Show GitHub Exploit DB Packet Storm