Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242071	7.5	危険	almondsoft	-	AlmondSoft Almond Classifieds Ads Enterprise の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3226	2012-06-26 16:18	2009-09-16	Show	GitHub Exploit DB Packet Storm

242072	4.3	警告	almondsoft	-	AlmondSoft Almond Classifieds Wap におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3225	2012-06-26 16:18	2009-09-16	Show	GitHub Exploit DB Packet Storm

242073	7.5	危険	classified-software 68classifieds	-	Super Mod System の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3224	2012-06-26 16:18	2009-09-16	Show	GitHub Exploit DB Packet Storm

242074	4.3	警告	freewebscriptz	-	FWSHT の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3222	2012-06-26 16:18	2009-09-16	Show	GitHub Exploit DB Packet Storm

242075	9.3	危険	basicunivers.free.fr	-	ALP におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-3221	2012-06-26 16:18	2009-09-16	Show	GitHub Exploit DB Packet Storm

242076	9.3	危険	broid	-	broid におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-3213	2012-06-26 16:18	2009-09-16	Show	GitHub Exploit DB Packet Storm

242077	6.8	警告	dimofinf	-	VivaPrograms Infinity Script における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3212	2012-06-26 16:18	2009-09-16	Show	GitHub Exploit DB Packet Storm

242078	6.8	警告	dimofinf	-	VivaPrograms Infinity Script におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-3211	2012-06-26 16:18	2009-09-16	Show	GitHub Exploit DB Packet Storm

242079	6.8	警告	Drupal drewish	-	Drupal の ImageCache モジュールにおける任意のイメージを表示される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-3207	2012-06-26 16:18	2009-08-19	Show	GitHub Exploit DB Packet Storm

242080	3.5	注意	Drupal drewish	-	Drupal の ImageCache モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3206	2012-06-26 16:18	2009-08-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266791	8.8	HIGH Network	sil suse opensuse oracle mozilla	graphite2 linux_enterprise leap opensuse linux firefox	Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attack…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2796	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

266792	8.8	HIGH Network	suse opensuse oracle mozilla sil	linux_enterprise leap opensuse linux firefox graphite2	The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data …	CWE-19 Data Processing Errors	CVE-2016-2795	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

266793	8.8	HIGH Network	mozilla sil suse opensuse oracle	firefox graphite2 linux_enterprise leap opensuse linux	The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a de…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2794	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

266794	8.8	HIGH Network	oracle mozilla sil suse opensuse	linux firefox graphite2 linux_enterprise leap opensuse	CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2793	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

266795	8.8	HIGH Network	sil mozilla oracle suse opensuse	graphite2 firefox linux linux_enterprise leap opensuse	The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of ser…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2792	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

266796	8.8	HIGH Network	suse opensuse mozilla oracle sil	linux_enterprise leap opensuse firefox linux graphite2	The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (bu…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2791	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

266797	8.8	HIGH Network	suse opensuse mozilla sil oracle	linux_enterprise leap opensuse firefox graphite2 linux	The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data s…	CWE-19 Data Processing Errors	CVE-2016-2790	2024-11-21 11:48	2016-03-14	Show	GitHub Exploit DB Packet Storm

266798	5.9	MEDIUM Network	isc debian canonical	dhcp debian_linux ubuntu_linux	ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertio…	CWE-20 Improper Input Validation	CVE-2016-2774	2024-11-21 11:48	2016-03-10	Show	GitHub Exploit DB Packet Storm

266799	5.3	MEDIUM Network	google	chrome	The Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 49.0.2623.75, does not ignore a URL's path component in the case of a ServiceWorker fetch, which allows remo…	CWE-200 Information Exposure	CVE-2016-2845	2024-11-21 11:48	2016-03-6	Show	GitHub Exploit DB Packet Storm

266800	8.8	HIGH Network	google	chrome	WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google Chrome before 49.0.2623.75, does not properly determine when anonymous block wrappers may exist, which allows remote attackers to…	CWE-20 Improper Input Validation	CVE-2016-2844	2024-11-21 11:48	2016-03-6	Show	GitHub Exploit DB Packet Storm