Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242281	4.3	警告	celerondude	-	Celerondude Uploader の account.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6396	2012-06-26 16:10	2009-03-4	Show	GitHub Exploit DB Packet Storm

242282	7.8	危険	3com	-	3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point の Web 管理インターフェースにおけるサービス運用妨害 (DoS) の脆弱性	CWE-134 書式文字列の問題	CVE-2008-6395	2012-06-26 16:10	2009-03-4	Show	GitHub Exploit DB Packet Storm

242283	7.5	危険	CS-Cart	-	CS-Cart の core/user.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6394	2012-06-26 16:10	2009-03-4	Show	GitHub Exploit DB Packet Storm

242284	7.5	危険	1scripts	-	Z1Exchange の showads.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6392	2012-06-26 16:10	2009-03-2	Show	GitHub Exploit DB Packet Storm

242285	7.5	危険	aliensoftcorp	-	Rae Media Contact Management Software SOHO の asadmin/default.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6389	2012-06-26 16:10	2009-03-2	Show	GitHub Exploit DB Packet Storm

242286	5	警告	4u2ges	-	Rapid Classified におけるデータベースファイルをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6388	2012-06-26 16:10	2009-03-2	Show	GitHub Exploit DB Packet Storm

242287	5	警告	Activewebsoftwares	-	Quick Tree View .NET におけるデータベースファイルをダウンロードされる脆弱性	CWE-200 情報漏えい	CVE-2008-6387	2012-06-26 16:10	2009-03-2	Show	GitHub Exploit DB Packet Storm

242288	4.3	警告	1scripts	-	Z1Exchange の showads.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6386	2012-06-26 16:10	2009-03-2	Show	GitHub Exploit DB Packet Storm

242289	5	警告	aspportal	-	ASP Portal におけるデータベースをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6382	2012-06-26 16:10	2009-03-2	Show	GitHub Exploit DB Packet Storm

242290	4.6	警告	bcoos	-	bcoos の modules/adresses/viewcat.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6381	2012-06-26 16:10	2009-03-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267941	2.7	LOW Network	ibm	forms_experience_builder	Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an …	CWE-79 Cross-site Scripting	CVE-2016-0370	2024-11-21 11:41	2016-09-1	Show	GitHub Exploit DB Packet Storm

267942	6.1	MEDIUM Network	ibm	bigfix_platform	Cross-site scripting (XSS) vulnerability in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.1.8 and 9.2.x before 9.2.8 allows remote attackers to inject arbitrary web script or HT…	CWE-79 Cross-site Scripting	CVE-2016-0293	2024-11-21 11:41	2016-09-1	Show	GitHub Exploit DB Packet Storm

267943	5.9	MEDIUM Network	ibm	bigfix_webreports	WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic.	CWE-200 Information Exposure	CVE-2016-0397	2024-11-21 11:41	2016-08-31	Show	GitHub Exploit DB Packet Storm

267944	5.5	MEDIUM Local	ibm	bigfix	WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows local users to discover the cleartext system password by reading a report.	CWE-200 Information Exposure	CVE-2016-0292	2024-11-21 11:41	2016-08-31	Show	GitHub Exploit DB Packet Storm

267945	3.3	LOW Local	ibm	sterling_connect\	IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-0380	2024-11-21 11:41	2016-08-8	Show	GitHub Exploit DB Packet Storm

267946	6.5	MEDIUM Network	ibm	general_parallel_file_system	IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticate…	NVD-CWE-noinfo	CVE-2016-0361	2024-11-21 11:41	2016-08-8	Show	GitHub Exploit DB Packet Storm

267947	3.7	LOW Network	ibm	aix vios	The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter cras…	CWE-20 Improper Input Validation	CVE-2016-0281	2024-11-21 11:41	2016-08-8	Show	GitHub Exploit DB Packet Storm

267948	3.7	LOW Network	ibm	vios aix	IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors.	CWE-254 7PK - Security Features	CVE-2016-0266	2024-11-21 11:41	2016-08-8	Show	GitHub Exploit DB Packet Storm

267949	5.4	MEDIUM Network	ibm	information_server_framework infosphere_information_governance_catalog infosphere_information_server_business_glossary	Cross-site scripting (XSS) vulnerability in IBM Information Server Framework 8.5, Information Server Framework and InfoSphere Information Server Business Glossary 8.7 before FP2, Information Server F…	CWE-79 Cross-site Scripting	CVE-2016-0280	2024-11-21 11:41	2016-08-8	Show	GitHub Exploit DB Packet Storm

267950	5.3	MEDIUM Network	ibm	maximo_asset_management	IBM Maximo Asset Management 7.5 before 7.5.0.10-TIV-MBS-IFIX002 and 7.6 before 7.6.0.5-TIV-MAMMT-FP001 allows remote attackers to obtain sensitive URL information by reading log files.	CWE-200 Information Exposure	CVE-2016-0393	2024-11-21 11:41	2016-07-18	Show	GitHub Exploit DB Packet Storm