Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242021 7.5 危険 china-on-site - FlexPHPNews の admin/usercheck.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5927 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
242022 7.5 危険 ASP-DEV - ASP-DEv Internal E-Mail System の login.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5926 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
242023 5 警告 ASP-DEV - ASP-DEv XM Events Diary におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5925 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
242024 7.5 危険 ASP-DEV - ASP-DEv XM Events Diary の diary_viewC.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5924 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
242025 7.5 危険 ASP-DEV - ASP-DEv XM Events Diary の default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5923 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
242026 7.5 危険 cfagcms - CFAGCMS の themes/default/index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5922 2012-06-26 16:10 2009-01-21 Show GitHub Exploit DB Packet Storm
242027 7.5 危険 codeavalanche - CodeAvalanche Articles における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5900 2012-06-26 16:10 2009-01-12 Show GitHub Exploit DB Packet Storm
242028 7.5 危険 codeavalanche - CodeAvalanche FreeForAll における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5899 2012-06-26 16:10 2009-01-12 Show GitHub Exploit DB Packet Storm
242029 7.5 危険 codeavalanche - CodeAvalanche Directory における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5898 2012-06-26 16:10 2009-01-12 Show GitHub Exploit DB Packet Storm
242030 7.5 危険 codeavalanche - CodeAvalanche FreeWallpaper における管理者パスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5897 2012-06-26 16:10 2009-01-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267241 9.8 CRITICAL
Network 		nagios nagios The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin" administrator account, which makes it easier for remote attackers to obtain access by leveraging knowledge o… CWE-798
 Use of Hard-coded Credentials 		CVE-2016-0726 2024-11-21 11:42 2017-06-7 Show GitHub Exploit DB Packet Storm
267242 6.1 MEDIUM
Network 		pivotal_software
cloudfoundry 		cloud_foundry_elastic_runtime
cloud_foundry_uaa
cloud_foundry
login-server
cloud_foundry_uaa_bosh 		The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-server v1.6 to v1.14, UAA v2.0.0 to v2.7.4.1, UAA v3.0.0 to v3.2.0, UAA-Release v2 to v7 and Pivotal Elastic Runtime 1.6.x versions p… CWE-79
Cross-site Scripting 		CVE-2016-0781 2024-11-21 11:42 2017-05-26 Show GitHub Exploit DB Packet Storm
267243 7.5 HIGH
Network 		pivotal_software
cloudfoundry 		cloud_foundry_elastic_runtime
cf-release 		It was discovered that cf-release v231 and lower, Pivotal Cloud Foundry Elastic Runtime 1.5.x versions prior to 1.5.17 and Pivotal Cloud Foundry Elastic Runtime 1.6.x versions prior to 1.6.18 do not … CWE-399
 Resource Management Errors 		CVE-2016-0780 2024-11-21 11:42 2017-05-26 Show GitHub Exploit DB Packet Storm
267244 9.8 CRITICAL
Network 		pivotal_software
cloudfoundry 		cloud_foundry_elastic_runtime
garden_linux 		Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used t… CWE-19
 Data Processing Errors 		CVE-2016-0761 2024-11-21 11:42 2017-05-26 Show GitHub Exploit DB Packet Storm
267245 8.1 HIGH
Network 		clusterlabs
redhat
fedoraproject 		pcs
enterprise_linux
fedora 		Session fixation vulnerability in pcsd in pcs before 0.9.157. CWE-384
 Session Fixation 		CVE-2016-0721 2024-11-21 11:42 2017-04-22 Show GitHub Exploit DB Packet Storm
267246 8.8 HIGH
Network 		clusterlabs
redhat
fedoraproject 		pcs
enterprise_linux
fedora 		Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. CWE-352
 Origin Validation Error 		CVE-2016-0720 2024-11-21 11:42 2017-04-22 Show GitHub Exploit DB Packet Storm
267247 7.5 HIGH
Network 		google android Android allows users to cause a denial of service. NVD-CWE-noinfo
CVE-2016-0833 2024-11-21 11:42 2017-04-21 Show GitHub Exploit DB Packet Storm
267248 7.8 HIGH
Local 		canonical ubuntu_linux The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-0727 2024-11-21 11:42 2017-04-15 Show GitHub Exploit DB Packet Storm
267249 9.8 CRITICAL
Network 		apache tomee The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object. CWE-502
 Deserialization of Untrusted Data 		CVE-2016-0779 2024-11-21 11:42 2017-04-12 Show GitHub Exploit DB Packet Storm
267250 6.1 MEDIUM
Network 		zahmit_design connections_business_directory_plugin Cross-site scripting (XSS) vulnerability in includes/admin/pages/manage.php in the Connections Business Directory plugin before 8.5.9 for WordPress allows remote attackers to inject arbitrary web scr… CWE-79
Cross-site Scripting 		CVE-2016-0770 2024-11-21 11:42 2017-03-17 Show GitHub Exploit DB Packet Storm