Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242081 9.3 危険 Facebook - Facebook PhotoUploader ActiveX コントロールにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5711 2012-06-26 16:03 2008-12-24 Show GitHub Exploit DB Packet Storm
242082 5 警告 アバイア - Avaya CM の Web 管理インターフェースにおける設定ファイルを読み取られる脆弱性 CWE-16
環境設定 		CVE-2008-5710 2012-06-26 16:03 2008-10-8 Show GitHub Exploit DB Packet Storm
242083 9 危険 アバイア - Avaya CM の Web 管理インターフェースにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5709 2012-06-26 16:03 2008-10-8 Show GitHub Exploit DB Packet Storm
242084 7.5 危険 ASP indir - Iltaweb Alisveris Sistemi の urunler.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5707 2012-06-26 16:03 2008-12-24 Show GitHub Exploit DB Packet Storm
242085 7.6 危険 gpsdrive - gpsdrive-scripts の src/unit_test.c における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-5704 2012-06-26 16:03 2008-12-22 Show GitHub Exploit DB Packet Storm
242086 6.2 警告 gpsdrive - gpsdrive-scripts における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-5703 2012-06-26 16:03 2008-12-22 Show GitHub Exploit DB Packet Storm
242087 4 警告 fdgroup - FDI OLIB7 WebView におけるファイルから重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5678 2012-06-26 16:03 2008-12-18 Show GitHub Exploit DB Packet Storm
242088 9.4 危険 darkwet - Darkwet Network webcamXP の HTTP サーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5674 2012-06-26 16:03 2008-12-18 Show GitHub Exploit DB Packet Storm
242089 6.8 警告 GNOME Project - Vinagre の vinagre_utils_show_error 関数 におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2008-5660 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
242090 7.5 危険 AlstraSoft - AlstraSoft Web Host Directory のログインディレクトリにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5650 2012-06-26 16:03 2008-12-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267521 5.4 MEDIUM
Network 		ibm rational_team_concert
rational_collaborative_lifecycle_management 		Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 6.0.1 and 6.0.2 before 6.0.2 iFix2 and Rational Collaborative Lifecycle Management 6.0.1 and 6.0.2 before 6.0.2 iFix2 allows remo… CWE-79
Cross-site Scripting 		CVE-2016-0331 2024-11-21 11:41 2016-09-12 Show GitHub Exploit DB Packet Storm
267522 3.1 LOW
Network 		ibm websphere_application_server Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when HttpSessionIdReuse is en… CWE-119
CWE-200
Incorrect Access of Indexable Resource ('Range Error') 
Information Exposure 		CVE-2016-0385 2024-11-21 11:41 2016-09-1 Show GitHub Exploit DB Packet Storm
267523 2.7 LOW
Network 		ibm forms_experience_builder Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an … CWE-79
Cross-site Scripting 		CVE-2016-0370 2024-11-21 11:41 2016-09-1 Show GitHub Exploit DB Packet Storm
267524 6.1 MEDIUM
Network 		ibm bigfix_platform Cross-site scripting (XSS) vulnerability in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.1.8 and 9.2.x before 9.2.8 allows remote attackers to inject arbitrary web script or HT… CWE-79
Cross-site Scripting 		CVE-2016-0293 2024-11-21 11:41 2016-09-1 Show GitHub Exploit DB Packet Storm
267525 5.9 MEDIUM
Network 		ibm bigfix_webreports WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic. CWE-200
Information Exposure 		CVE-2016-0397 2024-11-21 11:41 2016-08-31 Show GitHub Exploit DB Packet Storm
267526 5.5 MEDIUM
Local 		ibm bigfix WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows local users to discover the cleartext system password by reading a report. CWE-200
Information Exposure 		CVE-2016-0292 2024-11-21 11:41 2016-08-31 Show GitHub Exploit DB Packet Storm
267527 3.3 LOW
Local 		ibm sterling_connect\ IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-0380 2024-11-21 11:41 2016-08-8 Show GitHub Exploit DB Packet Storm
267528 6.5 MEDIUM
Network 		ibm general_parallel_file_system IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticate… NVD-CWE-noinfo
CVE-2016-0361 2024-11-21 11:41 2016-08-8 Show GitHub Exploit DB Packet Storm
267529 3.7 LOW
Network 		ibm aix
vios 		The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter cras… CWE-20
 Improper Input Validation  		CVE-2016-0281 2024-11-21 11:41 2016-08-8 Show GitHub Exploit DB Packet Storm
267530 3.7 LOW
Network 		ibm vios
aix 		IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors. CWE-254
 7PK - Security Features 		CVE-2016-0266 2024-11-21 11:41 2016-08-8 Show GitHub Exploit DB Packet Storm