Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245121 7.5 危険 Activewebsoftwares - Active Price Comparison の login.aspx における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5974 2012-06-26 16:10 2009-01-26 Show GitHub Exploit DB Packet Storm
245122 7.5 危険 Activewebsoftwares - Active Web Mail の login.aspx における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5973 2012-06-26 16:10 2009-01-26 Show GitHub Exploit DB Packet Storm
245123 7.5 危険 Activewebsoftwares - Active Business Directory の default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5972 2012-06-26 16:10 2009-01-26 Show GitHub Exploit DB Packet Storm
245124 7.5 危険 globsy - Globsy の globsy_edit.php における任意のファイルを上書きされる脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5966 2012-06-26 16:10 2009-01-26 Show GitHub Exploit DB Packet Storm
245125 10 危険 gravity-gtd - Gravity GTD の library/setup/rpc.php における任意の PHP コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5963 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
245126 6.8 警告 gravity-gtd - Gravity GTD の library/setup/rpc.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5962 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
245127 7.5 危険 Activewebsoftwares - Active Test の start.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5959 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
245128 7.5 危険 Activewebsoftwares - Active Test における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5958 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
245129 5 警告 aspapps - ASP Template Creature におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5951 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
245130 7.5 危険 aspapps - ASP Template Creature の media/media_level.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5950 2012-06-26 16:10 2009-01-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
252641 9.8 CRITICAL
Network 		13thmonkey udfclient The UDFclient (before 0.8.8) custom strlcpy implementation has a buffer overflow. UDFclient's strlcpy is used only on systems with a C library (e.g., glibc) that lacks its own strlcpy. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8305 2024-11-21 12:33 2017-04-28 Show GitHub Exploit DB Packet Storm
252642 7.5 HIGH
Network 		avast antivirus In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense fe… CWE-269
 Improper Privilege Management 		CVE-2017-8308 2024-11-21 12:33 2017-04-28 Show GitHub Exploit DB Packet Storm
252643 9.8 CRITICAL
Network 		avast antivirus In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulner… NVD-CWE-noinfo
CVE-2017-8307 2024-11-21 12:33 2017-04-28 Show GitHub Exploit DB Packet Storm
252644 5.4 MEDIUM
Network 		blueriver muracms Mura CMS 7.0.6967 allows admin/?muraAction= XSS attacks, related to admin/core/views/carch/list.cfm, admin/core/views/carch/loadsiteflat.cfm, admin/core/views/cusers/inc/dsp_nextn.cfm, admin/core/vie… CWE-79
Cross-site Scripting 		CVE-2017-8302 2024-11-21 12:33 2017-04-28 Show GitHub Exploit DB Packet Storm
252645 5.3 MEDIUM
Network 		openbsd libressl LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callbac… CWE-295
Improper Certificate Validation  		CVE-2017-8301 2024-11-21 12:33 2017-04-28 Show GitHub Exploit DB Packet Storm
252646 5.4 MEDIUM
Network 		cnvs canvas cnvs.io Canvas 3.3.0 has XSS in the title and content fields of a "Posts > Add New" action, and during creation of new tags and users. CWE-79
Cross-site Scripting 		CVE-2017-8298 2024-11-21 12:33 2017-04-28 Show GitHub Exploit DB Packet Storm
252647 9.8 CRITICAL
Network 		simple-file-manager_project simple-file-manager A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php (the sole "Simple PHP File Manager" component). CWE-22
Path Traversal 		CVE-2017-8297 2024-11-21 12:33 2017-04-28 Show GitHub Exploit DB Packet Storm
252648 7.5 HIGH
Network 		ked_password_manager_project ked_password_manager kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of … CWE-522
 Insufficiently Protected Credentials 		CVE-2017-8296 2024-11-21 12:33 2017-04-28 Show GitHub Exploit DB Packet Storm
252649 7.5 HIGH
Network 		virustotal yara libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_ex… CWE-125
Out-of-bounds Read 		CVE-2017-8294 2024-11-21 12:33 2017-04-27 Show GitHub Exploit DB Packet Storm
252650 9.8 CRITICAL
Network 		riot_project riot Stack-based buffer overflow in the ipv6_addr_from_str function in sys/net/network_layer/ipv6/addr/ipv6_addr_from_str.c in RIOT prior to 2017-04-25 allows local attackers, and potentially remote attac… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8289 2024-11-21 12:33 2017-04-27 Show GitHub Exploit DB Packet Storm