Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
243731 4.3 警告 freearcadescript - Free Arcade Script におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2771 2012-06-26 16:10 2009-08-14 Show GitHub Exploit DB Packet Storm
243732 7.5 危険 dd-wrt - DD-WRT 24 sp1 の管理 GUI の httpd の httpd.c における設定を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-2766 2012-06-26 16:10 2009-07-20 Show GitHub Exploit DB Packet Storm
243733 8.3 危険 dd-wrt - DD-WRT 24 sp1 の管理 GUI の httpd の httpd.c における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-2765 2012-06-26 16:10 2009-07-20 Show GitHub Exploit DB Packet Storm
243734 7.2 危険 Avira - 複数の Avira 製品で使用されるスケジューラにおける権限を取得される脆弱性 CWE-Other
その他 		CVE-2009-2761 2012-06-26 16:10 2009-08-13 Show GitHub Exploit DB Packet Storm
243735 7.5 危険 Achievo - Achievo の get_employee 関数における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2734 2012-06-26 16:10 2009-10-11 Show GitHub Exploit DB Packet Storm
243736 4.3 警告 Achievo - Achievo におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2733 2012-06-26 16:10 2009-10-11 Show GitHub Exploit DB Packet Storm
243737 7.8 危険 Digium - 複数の Asterisk 製品における SIP チャネルドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-2726 2012-06-26 16:10 2009-08-12 Show GitHub Exploit DB Packet Storm
243738 5 警告 Django Software Foundation - Django の core/servers/basehttp.py の Admin メディアハンドラにおける任意のファイルを読まれる脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-2659 2012-06-26 16:10 2009-08-4 Show GitHub Exploit DB Packet Storm
243739 5 警告 Digium - Asterisk Open Source の main/rtp.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-2651 2012-06-26 16:10 2009-07-27 Show GitHub Exploit DB Packet Storm
243740 4.7 警告 FreeBSD - FreeBSD の IATA (ata) ドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-2649 2012-06-26 16:10 2009-07-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346471 - phpbb_group phpbb Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows remote authenticated users to inject arbitrary web script or HTML via an HTML file with a GIF or JPEG… NVD-CWE-Other
CVE-2005-3310 2017-07-11 10:33 2005-10-26 Show GitHub Exploit DB Packet Storm
346472 - appindex mwchat SQL injection vulnerability in chat.php in MWChat 6.8 allows remote attackers to execute arbitrary SQL commands via the username parameter. NVD-CWE-Other
CVE-2005-3324 2017-07-11 10:33 2005-10-27 Show GitHub Exploit DB Packet Storm
346473 - snoopy snoopy The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote attackers to execute arbitrary commands via shell metac… CWE-20
 Improper Input Validation  		CVE-2005-3330 2017-07-11 10:33 2005-10-27 Show GitHub Exploit DB Packet Storm
346474 - rogers_software_source mgdiff_patch_viewer viewpatch in mgdiff 1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NVD-CWE-Other
CVE-2005-3331 2017-07-11 10:33 2005-10-27 Show GitHub Exploit DB Packet Storm
346475 - ebase ebaseweb SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. NVD-CWE-Other
CVE-2005-3333 2017-07-11 10:33 2005-10-27 Show GitHub Exploit DB Packet Storm
346476 - flyspray flyspray Cross-site scripting (XSS) vulnerability in index.php in Flyspray 0.9.7 through 0.9.8 (devel) allows remote attackers to inject arbitrary web script or HTML via the (1) PHPSESSID, (2) task, (3) strin… NVD-CWE-Other
CVE-2005-3334 2017-07-11 10:33 2005-10-27 Show GitHub Exploit DB Packet Storm
346477 - mantis mantis PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_c… NVD-CWE-Other
CVE-2005-3335 2017-07-11 10:33 2005-10-27 Show GitHub Exploit DB Packet Storm
346478 - dhis_tools dns_package DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files created by (1) register-q.sh and (2) register-p.sh. NVD-CWE-Other
CVE-2005-3341 2017-07-11 10:33 2005-12-28 Show GitHub Exploit DB Packet Storm
346479 - tkdiff tkdiff tkdiff before 4.1.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NVD-CWE-Other
CVE-2005-3343 2017-07-11 10:33 2005-12-28 Show GitHub Exploit DB Packet Storm
346480 - horde horde The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access. NVD-CWE-Other
CVE-2005-3344 2017-07-11 10:33 2005-11-16 Show GitHub Exploit DB Packet Storm