Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242311	7.5	危険	cfmsource	-	CFMSource CF_Auction の forummessages.cfm における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6323	2012-06-26 16:10	2009-02-27	Show	GitHub Exploit DB Packet Storm

242312	7.5	危険	cfmsource	-	CFMSource CFMBlog の index.cfm における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6322	2012-06-26 16:10	2009-02-27	Show	GitHub Exploit DB Packet Storm

242313	5	警告	cfshopkart	-	CF Shopkart におけるユーザ名およびパスワード等の重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-6321	2012-06-26 16:10	2009-02-27	Show	GitHub Exploit DB Packet Storm

242314	7.5	危険	cfshopkart	-	CF Shopkart の index.cfm における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6320	2012-06-26 16:10	2009-02-27	Show	GitHub Exploit DB Packet Storm

242315	7.5	危険	cfmsource	-	CF_Calendar の calendarevent.cfm における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6319	2012-06-26 16:10	2009-02-27	Show	GitHub Exploit DB Packet Storm

242316	7.5	危険	butterflymedia	-	Butterfly Organizer の view.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6311	2012-06-26 16:10	2009-02-27	Show	GitHub Exploit DB Packet Storm

242317	7.5	危険	e-topbiz	-	E-topbiz Link Back Checker における管理者アクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2008-6307	2012-06-26 16:10	2009-02-26	Show	GitHub Exploit DB Packet Storm

242318	6.8	警告	freedirectoryscript	-	Free Directory Script の init.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-6305	2012-06-26 16:10	2009-02-26	Show	GitHub Exploit DB Packet Storm

242319	4.3	警告	dhcart	-	DHCart の order.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6297	2012-06-26 16:10	2009-02-26	Show	GitHub Exploit DB Packet Storm

242320	4.3	警告	camera life	-	Camera Life におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6295	2012-06-26 16:10	2009-02-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267481	7.8	HIGH Local	google	android	The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-0820	2024-11-21 11:42	2016-03-13	Show	GitHub Exploit DB Packet Storm

267482	7.8	HIGH Local	google	android	The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 2536…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-0819	2024-11-21 11:42	2016-03-13	Show	GitHub Exploit DB Packet Storm

267483	5.9	MEDIUM Network	google	android	The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinctio…	CWE-254 CWE-345 7PK - Security Features Insufficient Verification of Data Authenticity	CVE-2016-0818	2024-11-21 11:42	2016-03-13	Show	GitHub Exploit DB Packet Storm

267484	9.8	CRITICAL Network	google	android	mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_par…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-0816	2024-11-21 11:42	2016-03-13	Show	GitHub Exploit DB Packet Storm

267485	9.8	CRITICAL Network	google	android	The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers…	CWE-20 Improper Input Validation	CVE-2016-0815	2024-11-21 11:42	2016-03-13	Show	GitHub Exploit DB Packet Storm

267486	8.8	HIGH Network	adobe samsung	flash_player air air_sdk x14j_firmware flash_player_desktop_runtime air_desktop_runtime air_sdk_\&_compiler	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe A…	CWE-416 Use After Free	CVE-2016-0999	2024-11-21 11:42	2016-03-13	Show	GitHub Exploit DB Packet Storm

267487	8.8	HIGH Network	adobe samsung	flash_player air air_sdk x14j_firmware flash_player_desktop_runtime air_desktop_runtime air_sdk_\&_compiler	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe A…	CWE-416 Use After Free	CVE-2016-0998	2024-11-21 11:42	2016-03-13	Show	GitHub Exploit DB Packet Storm

267488	8.8	HIGH Network	adobe samsung	flash_player air air_sdk x14j_firmware flash_player_desktop_runtime air_desktop_runtime air_sdk_\&_compiler	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe A…	CWE-416 Use After Free	CVE-2016-0997	2024-11-21 11:42	2016-03-13	Show	GitHub Exploit DB Packet Storm

267489	8.8	HIGH Network	adobe samsung	flash_player air air_sdk x14j_firmware flash_player_desktop_runtime air_desktop_runtime air_sdk_\&_compiler	Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR …	CWE-416 Use After Free	CVE-2016-0996	2024-11-21 11:42	2016-03-13	Show	GitHub Exploit DB Packet Storm

267490	4.3	MEDIUM Network	emc	documentum_xcp	EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows remote authenticated users to obtain sensitive user-account metadata via a members/xcp_member API call.	CWE-200 Information Exposure	CVE-2016-0886	2024-11-21 11:42	2016-03-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed