Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242291 5.5 警告 Apache Friends - XAMPP の security/xamppsecurity.php における重要な変数を偽装される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6499 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
242292 6.8 警告 Apache Friends - XAMPP の security/xamppsecurity.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6498 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
242293 5 警告 easy-news - Easy Content Management Publishing におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6493 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
242294 7.5 危険 denis moinel - PHPGKit における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6491 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
242295 7.5 危険 flysforum - FLABER の function/update_xml.php における任意のファイルを上書きされる脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6490 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
242296 7.5 危険 digiappz - Digiappz DigiAffiliate の login.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6487 2012-06-26 16:10 2009-03-18 Show GitHub Exploit DB Packet Storm
242297 4.3 警告 BlogEngine.NET - BlogEngine.NET の blog/search.aspx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6476 2012-06-26 16:10 2009-03-16 Show GitHub Exploit DB Packet Storm
242298 7.5 危険 drake team - Drake CMS の components/guestbook/guestbook.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6475 2012-06-26 16:10 2009-03-16 Show GitHub Exploit DB Packet Storm
242299 6.8 警告 edikon - Edikon phpShop におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2008-6455 2012-06-26 16:10 2009-03-13 Show GitHub Exploit DB Packet Storm
242300 7.5 危険 6rbscript - 6rbScript の section.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6454 2012-06-26 16:10 2009-03-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267981 4.8 MEDIUM
Network 		tenable nessus Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269). CWE-79
Cross-site Scripting 		CVE-2016-1000029 2024-11-21 11:42 2019-12-28 Show GitHub Exploit DB Packet Storm
267982 4.8 MEDIUM
Network 		tenable nessus Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198). CWE-79
Cross-site Scripting 		CVE-2016-1000028 2024-11-21 11:42 2019-12-28 Show GitHub Exploit DB Packet Storm
267983 6.1 MEDIUM
Network 		erlang erlang\/otp inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable… CWE-601
Open Redirect 		CVE-2016-1000107 2024-11-21 11:42 2019-12-11 Show GitHub Exploit DB Packet Storm
267984 6.1 MEDIUM
Network 		yaws
debian 		yaws
debian_linux 		yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY … CWE-601
Open Redirect 		CVE-2016-1000108 2024-11-21 11:42 2019-12-11 Show GitHub Exploit DB Packet Storm
267985 8.8 HIGH
Network 		apache
opensuse 		mod_fcgid
leap
opensuse 		A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07. CWE-20
 Improper Input Validation  		CVE-2016-1000104 2024-11-21 11:42 2019-12-4 Show GitHub Exploit DB Packet Storm
267986 6.1 MEDIUM
Network 		python
debian
fedoraproject 		python
debian_linux
fedora 		The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. CWE-601
Open Redirect 		CVE-2016-1000110 2024-11-21 11:42 2019-11-28 Show GitHub Exploit DB Packet Storm
267987 9.8 CRITICAL
Network 		facebook hhvm hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions. CWE-416
 Use After Free 		CVE-2016-1000006 2024-11-21 11:42 2019-11-20 Show GitHub Exploit DB Packet Storm
267988 6.1 MEDIUM
Network 		redhat
fedoraproject 		pagure
fedora
enterprise_linux 		Pagure: XSS possible in file attachment endpoint CWE-79
Cross-site Scripting 		CVE-2016-1000037 2024-11-21 11:42 2019-11-7 Show GitHub Exploit DB Packet Storm
267989 2.4 LOW
Physics 		gnome
redhat
debian
opensuse 		gnome_display_manager
enterprise_linux
debian_linux
leap 		gdm3 3.14.2 and possibly later has an information leak before screen lock CWE-200
Information Exposure 		CVE-2016-1000002 2024-11-21 11:42 2019-11-5 Show GitHub Exploit DB Packet Storm
267990 5.9 MEDIUM
Network 		pivotal_software cloud_foundry_elastic_runtime Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigatio… CWE-200
Information Exposure 		CVE-2016-0715 2024-11-21 11:42 2018-09-12 Show GitHub Exploit DB Packet Storm