Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242251 7.5 危険 geniuscyber - CMS MAXSITE の Guestbook コンポーネントにおける guestbook に任意の PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6446 2012-06-26 16:10 2009-03-9 Show GitHub Exploit DB Packet Storm
242252 10 危険 Baidu, Inc. - Baidu Hi IM の CSTransfer.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-6444 2012-06-26 16:10 2009-03-9 Show GitHub Exploit DB Packet Storm
242253 9.3 危険 epic games - ゲーム製品で使用される Epic Games Unreal エンジンクライアントにおけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2008-6441 2012-06-26 16:10 2009-03-9 Show GitHub Exploit DB Packet Storm
242254 5 警告 Cerberus, LLC - Cerberus Helpdesk における重要な情報を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-6440 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242255 4.3 警告 abledating - ABK-Soft AbleDating の search_results.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6439 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242256 7.5 危険 e107.org
e107coders		 - e107 用 MacGuru BLOG Engine プラグイン のmacgurublog_menu/macgurublog.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6438 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242257 7.5 危険 Blue River - Blue River Interactive Group Sava CMS の index.cfm における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6434 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242258 4.3 警告 Blue River - Blue River Interactive Group Sava CMS の index.cfm におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6433 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242259 4.3 警告 bmforum - BMForum におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6431 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
242260 7.5 危険 comicshout - ComicShout の news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6425 2012-06-26 16:10 2009-03-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267841 6.5 MEDIUM
Network 		microsoft windows_rt_8.1
windows_server_2012
windows_7
windows_10
windows_8.1
windows_server_2008
windows_vista 		GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attacke… CWE-200
Information Exposure 		CVE-2016-0168 2024-11-21 11:41 2016-05-11 Show GitHub Exploit DB Packet Storm
267842 4.3 MEDIUM
Network 		ibm db2
db2_connect 		IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA mess… CWE-20
 Improper Input Validation  		CVE-2016-0211 2024-11-21 11:41 2016-04-28 Show GitHub Exploit DB Packet Storm
267843 6.1 MEDIUM
Network 		oracle business_intelligence Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confide… NVD-CWE-noinfo
CVE-2016-0479 2024-11-21 11:41 2016-04-21 Show GitHub Exploit DB Packet Storm
267844 5.5 MEDIUM
Local 		oracle micros_c2 Unspecified vulnerability in the Oracle Retail MICROS C2 component in Oracle Retail Applications 9.89.0.0 allows local users to affect confidentiality via vectors related to POS. NVD-CWE-noinfo
CVE-2016-0469 2024-11-21 11:41 2016-04-21 Show GitHub Exploit DB Packet Storm
267845 5.4 MEDIUM
Network 		oracle business_intelligence Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affe… NVD-CWE-noinfo
CVE-2016-0468 2024-11-21 11:41 2016-04-21 Show GitHub Exploit DB Packet Storm
267846 5.4 MEDIUM
Network 		oracle peoplesoft_enterprise_peopletools Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 through 8.55 allows remote authenticated users to affect confidentiality and integrity … NVD-CWE-noinfo
CVE-2016-0408 2024-11-21 11:41 2016-04-21 Show GitHub Exploit DB Packet Storm
267847 6.5 MEDIUM
Network 		oracle peoplesoft_enterprise_human_capital_management_human_resources Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via vectors related to Fusio… NVD-CWE-noinfo
CVE-2016-0407 2024-11-21 11:41 2016-04-21 Show GitHub Exploit DB Packet Storm
267848 7.5 HIGH
Network 		microsoft internet_explorer Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-0166 2024-11-21 11:41 2016-04-13 Show GitHub Exploit DB Packet Storm
267849 7.5 HIGH
Network 		microsoft internet_explorer Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corrupti… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-0164 2024-11-21 11:41 2016-04-13 Show GitHub Exploit DB Packet Storm
267850 6.5 MEDIUM
Network 		microsoft edge Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-015… CWE-254
 7PK - Security Features 		CVE-2016-0161 2024-11-21 11:41 2016-04-13 Show GitHub Exploit DB Packet Storm