Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
242391 9.3 危険 JSPWiki - JSPWiki における任意の .jsp ファイルをアップロードされる脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2008-1230 2012-09-25 16:59 2008-03-10 Show GitHub Exploit DB Packet Storm
242392 4.3 警告 JSPWiki - JSPWiki の Edit.jsp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2008-1229 2012-09-25 16:59 2008-03-10 Show GitHub Exploit DB Packet Storm
242393 4.3 警告 minigal - MG2 の admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2008-1228 2012-09-25 16:59 2008-03-10 Show GitHub Exploit DB Packet Storm
242394 5 警告 MicroWorld Technologies Inc. - MicroWorld eScan Corporate Edition などの FTP サーバにおける絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2008-1221 2012-09-25 16:59 2008-03-10 Show GitHub Exploit DB Packet Storm
242395 6.8 警告 IBM - IBM Lotus Quickr サーバにおける任意の Web スクリプトなどを挿入される脆弱性 CWE-20
不適切な入力確認
CVE-2008-1216 2012-09-25 16:59 2008-03-8 Show GitHub Exploit DB Packet Storm
242396 7.5 危険 numara - Numara FootPrints の MRcgi/MRProcessIncomingForms.pl における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション
CVE-2008-1214 2012-09-25 16:59 2008-03-7 Show GitHub Exploit DB Packet Storm
242397 4.3 警告 numara - Linux 用の Numara FootPrints におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2008-1213 2012-09-25 16:59 2008-03-7 Show GitHub Exploit DB Packet Storm
242398 6.8 警告 linux kiss server - Linux Kiss Server の lks.c におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題
CVE-2008-1206 2012-09-25 16:59 2008-03-7 Show GitHub Exploit DB Packet Storm
242399 9.3 危険 マイクロソフト - Microsoft Access 2000 における任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2008-1200 2012-09-25 16:59 2008-03-6 Show GitHub Exploit DB Packet Storm
242400 6.3 警告 ネットギア
marvell
- Netgear WN802T Wi-Fi アクセスポイントの Marvell ドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2008-1197 2012-09-25 16:59 2008-09-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
285561 - debian
gaia-gis
debian_linux
freexl
FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) or possibly execute arbitrary code via a crafted sector in a workbook. CWE-20
 Improper Input Validation 
CVE-2015-2753 2024-11-21 11:27 2015-03-31 Show GitHub Exploit DB Packet Storm
285562 - shibboleth
debian
service_provider
debian_linux
Shibboleth Service Provider (SP) before 2.5.4 allows remote authenticated users to cause a denial of service (crash) via a crafted SAML message. CWE-20
 Improper Input Validation 
CVE-2015-2684 2024-11-21 11:27 2015-03-31 Show GitHub Exploit DB Packet Storm
285563 - nih
php
fedoraproject
debian
opensuse
libzip
php
fedora
debian_linux
opensuse
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other p… CWE-189
Numeric Errors
CVE-2015-2331 2024-11-21 11:27 2015-03-30 Show GitHub Exploit DB Packet Storm
285564 - redhat
apple
opensuse
php
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_linux_server_eus
enterprise_linux_hpc_node_eus
mac_os_x
opensus…
The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, whic… CWE-264
Permissions, Privileges, and Access Controls
CVE-2015-2348 2024-11-21 11:27 2015-03-30 Show GitHub Exploit DB Packet Storm
285565 - rxspencer_project
debian
canonical
opensuse
php
rxspencer
debian_linux
ubuntu_linux
opensuse
php
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow … CWE-190
 Integer Overflow or Wraparound
CVE-2015-2305 2024-11-21 11:27 2015-03-30 Show GitHub Exploit DB Packet Storm
285566 - canonical
debian
opensuse
php
apple
redhat
ubuntu_linux
debian_linux
opensuse
php
mac_os_x
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_linux_ser…
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have uns… CWE-416
 Use After Free
CVE-2015-2301 2024-11-21 11:27 2015-03-30 Show GitHub Exploit DB Packet Storm
285567 - websense v-series_appliances
triton_ap_data
triton_ap_web
triton_ap_email
Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web Securi… CWE-200
Information Exposure
CVE-2015-2748 2024-11-21 11:27 2015-03-26 Show GitHub Exploit DB Packet Storm
285568 - websense v-series_appliances
triton
Multiple cross-site scripting (XSS) vulnerabilities in the data loss prevention (DLP) incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject … CWE-79
Cross-site Scripting
CVE-2015-2747 2024-11-21 11:27 2015-03-26 Show GitHub Exploit DB Packet Storm
285569 - websense v-series_appliances
triton
The network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility (CLU) in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticat… CWE-77
Command Injection
CVE-2015-2746 2024-11-21 11:27 2015-03-26 Show GitHub Exploit DB Packet Storm
285570 - citrix command_center Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 does not properly restrict access to the Advent Java Management Extensions (JMX) Servlet, which allows remote attackers to execut… CWE-264
Permissions, Privileges, and Access Controls
CVE-2015-2683 2024-11-21 11:27 2015-03-26 Show GitHub Exploit DB Packet Storm