Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242051	7.5	危険	Joomla! focusdev	-	Joomla! の Focusplus Developments surveymanager コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3325	2012-06-26 16:18	2009-09-23	Show	GitHub Exploit DB Packet Storm

242052	7.5	危険	andres g aragoneses	-	ProdLer の include/prodler.class.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-3324	2012-06-26 16:18	2009-09-23	Show	GitHub Exploit DB Packet Storm

242053	7.5	危険	dimofinf	-	DCI-Designs Dawaween の poems.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3319	2012-06-26 16:18	2009-09-23	Show	GitHub Exploit DB Packet Storm

242054	7.5	危険	breedveld Joomla!	-	Joomla! の album コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-3318	2012-06-26 16:18	2009-09-23	Show	GitHub Exploit DB Packet Storm

242055	7.5	危険	ELITE　LADDAERS	-	Elite Gaming Ladders の ladders.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3314	2012-06-26 16:18	2009-09-23	Show	GitHub Exploit DB Packet Storm

242056	6.5	警告	fmyclone	-	FMyClone における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3313	2012-06-26 16:18	2009-09-23	Show	GitHub Exploit DB Packet Storm

242057	7.5	危険	cfshopkart	-	ShopKart の index.cfm における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3309	2012-06-26 16:18	2009-09-23	Show	GitHub Exploit DB Packet Storm

242058	7.5	危険	fanupdate	-	FanUpdate の show-cat.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3308	2012-06-26 16:18	2009-09-23	Show	GitHub Exploit DB Packet Storm

242059	7.5	危険	frank lichtenheld	-	FSphp における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-3307	2012-06-26 16:18	2009-09-23	Show	GitHub Exploit DB Packet Storm

242060	3.3	注意	GForge Group	-	GForge における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2009-3304	2012-06-26 16:18	2009-12-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266881	7.5	HIGH Network	oxide_project	oxide	A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3.	CWE-20 Improper Input Validation	CVE-2016-1586	2024-11-21 11:46	2019-04-23	Show	GitHub Exploit DB Packet Storm

266882	9.8	CRITICAL Network	canonical	apparmor	In all versions of AppArmor mount rules are accidentally widened when compiled.	CWE-254 7PK - Security Features	CVE-2016-1585	2024-11-21 11:46	2019-04-23	Show	GitHub Exploit DB Packet Storm

266883	5.3	MEDIUM Network	unity8	unity8	In all versions of Unity8 a running but not active application on a large-screen device could talk with Maliit and consume keyboard input.	CWE-399 Resource Management Errors	CVE-2016-1584	2024-11-21 11:46	2019-04-23	Show	GitHub Exploit DB Packet Storm

266884	9.8	CRITICAL Network	canonical	ubuntu_download_manager	UDM provides support for running commands after a download is completed, this is currently made use of for click package installation. This functionality was not restricted to unconfined applications…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-1579	2024-11-21 11:46	2019-04-23	Show	GitHub Exploit DB Packet Storm

266885	7.8	HIGH Local	ubports	unity8	Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope.	CWE-416 Use After Free	CVE-2016-1573	2024-11-21 11:46	2019-04-23	Show	GitHub Exploit DB Packet Storm

266886	7.8	HIGH Local	debian	postgresql-common	The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, i…	CWE-59 Link Following	CVE-2016-1255	2024-11-21 11:46	2017-12-6	Show	GitHub Exploit DB Packet Storm

266887	7.5	HIGH Network	torproject opensuse_project debian fedoraproject opensuse	tor leap debian_linux fedora opensuse	Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1254	2024-11-21 11:46	2017-12-6	Show	GitHub Exploit DB Packet Storm

266888	9.8	CRITICAL Network	debian	most	The most package in Debian wheezy before 5.0.0a-2.2, in Debian jessie before 5.0.0a-2.3+deb8u1, and in Debian unstable before 5.0.0a-3 allows remote attackers to execute arbitrary commands via shell …	CWE-78 OS Command	CVE-2016-1253	2024-11-21 11:46	2017-12-6	Show	GitHub Exploit DB Packet Storm

266889	5.9	MEDIUM Network	debian canonical	advanced_package_tool ubuntu_linux	The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu 14.04 LTS before 1.0.1ubuntu2.17, in Ubuntu 16.04 LTS before 1.2.15ubuntu0.2, and in Ubuntu 16.10 bef…	CWE-295 Improper Certificate Validation	CVE-2016-1252	2024-11-21 11:46	2017-12-6	Show	GitHub Exploit DB Packet Storm

266890	9.8	CRITICAL Network	juniper	junos_space	A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery …	CWE-255 CWE-352 CWE-200 Credentials Management Origin Validation Error Information Exposure	CVE-2016-1265	2024-11-21 11:46	2017-10-14	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed