Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242171 4.3 警告 DNN - DotNetNuke の Language skin オブジェクトにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6732 2012-06-26 16:10 2008-06-11 Show GitHub Exploit DB Packet Storm
242172 9 危険 アバイア - Avaya Communication Manager の Web 管理インターフェースにおける任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2008-6711 2012-06-26 16:10 2008-06-25 Show GitHub Exploit DB Packet Storm
242173 9 危険 アバイア - Avaya Communication Manager の Web 管理インターフェースにおける root 権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2008-6710 2012-06-26 16:10 2008-06-25 Show GitHub Exploit DB Packet Storm
242174 4.3 警告 butterflymedia - Butterfly Organizer におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6700 2012-06-26 16:10 2009-04-10 Show GitHub Exploit DB Packet Storm
242175 7.5 危険 frank naegler
TYPO3 Association		 - TYPO3 の timtab_sociable における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6695 2012-06-26 16:10 2009-04-10 Show GitHub Exploit DB Packet Storm
242176 4.3 警告 david cadu
TYPO3 Association		 - TYPO3 の dcdgooglemap におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6687 2012-06-26 16:10 2009-04-10 Show GitHub Exploit DB Packet Storm
242177 4.3 警告 The Dojo Foundation - Dojo の dijit.Editor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6681 2012-06-26 16:10 2009-04-9 Show GitHub Exploit DB Packet Storm
242178 7.5 危険 dirk bartley - nweb2fax の viewrq.php における任意のコードを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2008-6669 2012-06-26 16:10 2009-04-8 Show GitHub Exploit DB Packet Storm
242179 5 警告 dirk bartley - nweb2fax におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6668 2012-06-26 16:10 2009-04-8 Show GitHub Exploit DB Packet Storm
242180 6.8 警告 anantasoft - Ananta CMS の change.php における管理者の権限を取得される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6665 2012-06-26 16:10 2009-04-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267981 6.5 MEDIUM
Network 		ibm business_process_manager IBM Business Process Manager 8.5.6 through 8.5.6.2 and 8.5.7 before 8.5.7.CF201606 allows remote authenticated users to bypass intended access restrictions and update process-instance variables via a… CWE-284
Improper Access Control 		CVE-2016-0349 2024-11-21 11:41 2016-06-30 Show GitHub Exploit DB Packet Storm
267982 5.4 MEDIUM
Network 		ibm connections Cross-site scripting (XSS) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, 5.0 through CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or H… CWE-79
Cross-site Scripting 		CVE-2016-0322 2024-11-21 11:41 2016-06-30 Show GitHub Exploit DB Packet Storm
267983 8.1 HIGH
Network 		ibm domino The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass … CWE-284
Improper Access Control 		CVE-2016-0304 2024-11-21 11:41 2016-06-29 Show GitHub Exploit DB Packet Storm
267984 6.5 MEDIUM
Network 		ibm security_guardium Directory traversal vulnerability in IBM Security Guardium Database Activity Monitor 10 before 10.0p100 allows remote authenticated users to read arbitrary files via a crafted URL. CWE-200
Information Exposure 		CVE-2016-0298 2024-11-21 11:41 2016-06-29 Show GitHub Exploit DB Packet Storm
267985 7.7 HIGH
Network 		ibm urbancode_deploy IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 allows remote authenticated users to obtain sensitive cleartext secure-property information via (1) the serv… CWE-200
Information Exposure 		CVE-2016-0267 2024-11-21 11:41 2016-06-29 Show GitHub Exploit DB Packet Storm
267986 7.0 HIGH
Local 		ibm general_parallel_file_system_storage_server
spectrum_scale 		IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapp… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-0263 2024-11-21 11:41 2016-06-29 Show GitHub Exploit DB Packet Storm
267987 7.5 HIGH
Network 		ibm websphere_mq Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0.0.5 allows remote attackers to cause a denial of service (heap memory consumption) by triggering many errors. CWE-399
 Resource Management Errors 		CVE-2016-0260 2024-11-21 11:41 2016-06-29 Show GitHub Exploit DB Packet Storm
267988 8.8 HIGH
Network 		ibm marketing_platform SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2016-0233 2024-11-21 11:41 2016-06-28 Show GitHub Exploit DB Packet Storm
267989 6.1 MEDIUM
Network 		ibm marketing_platform Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6.x and 9.x before 9.1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. CWE-79
Cross-site Scripting 		CVE-2016-0229 2024-11-21 11:41 2016-06-28 Show GitHub Exploit DB Packet Storm
267990 9.8 CRITICAL
Network 		ibm marketing_platform SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2016-0224 2024-11-21 11:41 2016-06-28 Show GitHub Exploit DB Packet Storm