Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 2:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242271	7.5	危険	dbmasters	-	dB Masters Multimedia Links Directory の admin.php における管理者アクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2009-4584	2012-06-26 16:19	2010-01-6	Show	GitHub Exploit DB Packet Storm

242272	4.3	警告	FacileForms Joomla! Mambo Foundation	-	Mambo および Joomla! 用の Facileforms コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4578	2012-06-26 16:19	2010-01-6	Show	GitHub Exploit DB Packet Storm

242273	4.3	警告	Drupal	-	Drupal 用の Randomizer モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4602	2012-06-26 16:19	2009-12-9	Show	GitHub Exploit DB Packet Storm

242274	7.5	危険	cmstactics Joomla!	-	Joomla! の beeheard コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4576	2012-06-26 16:19	2010-01-6	Show	GitHub Exploit DB Packet Storm

242275	7.5	危険	elkagroup	-	elkagroup Image Gallery における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4569	2012-06-26 16:19	2010-01-5	Show	GitHub Exploit DB Packet Storm

242276	4.3	警告	Snitz	-	Snitz Forums 2000 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4554	2012-06-26 16:19	2010-01-4	Show	GitHub Exploit DB Packet Storm

242277	9.3	危険	cdmi	-	A2 Media Player Pro におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4549	2012-06-26 16:19	2010-01-4	Show	GitHub Exploit DB Packet Storm

242278	4.3	警告	cromosoft	-	Cromosoft Technologies Facil Helpdesk Lite の kbase/kbase.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4544	2012-06-26 16:19	2010-01-4	Show	GitHub Exploit DB Packet Storm

242279	6.8	警告	cromosoft	-	Cromosoft Technologies Facil Helpdesk Lite の index.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-4543	2012-06-26 16:19	2010-01-4	Show	GitHub Exploit DB Packet Storm

242280	6.8	警告	bpowerhouse	-	Mini CMS の page.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4540	2012-06-26 16:19	2010-01-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266911	6.5	MEDIUM Network	ffmpeg	ffmpeg	The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service (out-of-bounds array read access) via crafted JPEG 2000 data.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2213	2024-11-21 11:48	2016-02-3	Show	GitHub Exploit DB Packet Storm

266912	8.8	HIGH Network	mcafee	vulnerability_manager	Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation management page in Enterprise Manager in McAfee Vulnerability Manager (MVM) before 7.5.10 allow remote …	CWE-352 Origin Validation Error	CVE-2016-2199	2024-11-21 11:48	2016-02-2	Show	GitHub Exploit DB Packet Storm

266913	-		-	-	In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products th…	-	CVE-2016-20022	2024-11-21 11:47	2024-06-28	Show	GitHub Exploit DB Packet Storm

266914	9.8	CRITICAL Network	gentoo	portage	In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-w…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2016-20021	2024-11-21 11:47	2024-01-12	Show	GitHub Exploit DB Packet Storm

266915	7.5	HIGH Network	knexjs	knex	Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query.	CWE-89 SQL Injection	CVE-2016-20018	2024-11-21 11:47	2022-12-19	Show	GitHub Exploit DB Packet Storm

266916	9.8	CRITICAL Network	dlink	dsl-2750b_firmware	D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022.	CWE-77 Command Injection	CVE-2016-20017	2024-11-21 11:47	2022-10-19	Show	GitHub Exploit DB Packet Storm

266917	9.8	CRITICAL Network	mvpower	tv-7104he_firmware tv7108he_firmware	MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating sy…	NVD-CWE-noinfo	CVE-2016-20016	2024-11-21 11:47	2022-10-19	Show	GitHub Exploit DB Packet Storm

266918	7.5	HIGH Network	smokeping	smokeping	In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the smokeping user to gain root privileg…	NVD-CWE-noinfo	CVE-2016-20015	2024-11-21 11:47	2022-09-21	Show	GitHub Exploit DB Packet Storm

266919	6.4	MEDIUM Network	kippo-graph_project	kippo-graph	In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in $file_link in class/KippoInput.class.php.	CWE-79 Cross-site Scripting	CVE-2016-2139	2024-11-21 11:47	2022-07-29	Show	GitHub Exploit DB Packet Storm

266920	6.4	MEDIUM Network	kippo-graph_project	kippo-graph	In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in xss_clean() in class/KippoInput.class.php.	CWE-79 Cross-site Scripting	CVE-2016-2138	2024-11-21 11:47	2022-07-29	Show	GitHub Exploit DB Packet Storm