Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245281 6.8 警告 Bharat Mediratta - Gallery における管理者権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-5296 2012-06-26 16:03 2008-11-21 Show GitHub Exploit DB Packet Storm
245282 7.5 危険 bdigital web solutions - WebStudio eCatalogue の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5294 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
245283 7.5 危険 bdigital web solutions - WebStudio eHotel の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5293 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
245284 7.5 危険 fuzzylime - FuzzyLime の code/track.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5291 2012-06-26 16:03 2008-12-1 Show GitHub Exploit DB Packet Storm
245285 6.4 警告 ghh - GHH File Upload Manager におけるアップロードされたファイルを削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5283 2012-06-26 16:03 2008-11-28 Show GitHub Exploit DB Packet Storm
245286 6.8 警告 dmitry baryshev - ksquirrel-libs の kernel/kls_hdr/fmt_codec_hdr.cpp におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5263 2012-06-26 16:03 2009-02-26 Show GitHub Exploit DB Packet Storm
245287 7.5 危険 devil - DevIL の src-IL/src/il_hdr.c の iGetHdrHeader 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5262 2012-06-26 16:03 2009-01-13 Show GitHub Exploit DB Packet Storm
245288 9.3 危険 アクシスコミュニケーションズ - AXIS Camera Control の CamImage.CamImage.1 ActiveX コントロールにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5260 2012-06-26 16:03 2009-01-26 Show GitHub Exploit DB Packet Storm
245289 9.3 危険 DivX - DivX Web Player における整数符号化エラーの脆弱性 CWE-189
数値処理の問題 		CVE-2008-5259 2012-06-26 16:03 2009-04-16 Show GitHub Exploit DB Packet Storm
245290 7.5 危険 aspportal - ASPPortal の content/forums/reply.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5268 2012-06-26 16:03 2008-11-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
252531 6.5 MEDIUM
Network 		imagemagick
debian 		imagemagick
debian_linux 		In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file. CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2017-8344 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
252532 6.5 MEDIUM
Network 		imagemagick
debian 		imagemagick
debian_linux 		In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file. CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2017-8343 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
252533 5.5 MEDIUM
Local 		watchguard panda_antivirus PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a denial of service (BSoD) via a crafted DeviceIoControl request to \\.\PSMEMDriver. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8339 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
252534 8.1 HIGH
Network 		radicale radicale Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method. CWE-362
Race Condition 		CVE-2017-8342 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
252535 6.5 MEDIUM
Network 		entropymine imageworsener The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted image. CWE-400
 Uncontrolled Resource Consumption 		CVE-2017-8327 2024-11-21 12:33 2017-04-30 Show GitHub Exploit DB Packet Storm
252536 8.8 HIGH
Network 		entropymine imageworsener libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (applica… CWE-682
 Incorrect Calculation 		CVE-2017-8326 2024-11-21 12:33 2017-04-30 Show GitHub Exploit DB Packet Storm
252537 8.8 HIGH
Network 		entropymine imageworsener The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8325 2024-11-21 12:33 2017-04-30 Show GitHub Exploit DB Packet Storm
252538 8.8 HIGH
Network 		roundcube webmail Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly rest… CWE-269
 Improper Privilege Management 		CVE-2017-8114 2024-11-21 12:33 2017-04-30 Show GitHub Exploit DB Packet Storm
252539 7.5 HIGH
Network 		xstream_project
debian 		xstream
debian_linux 		XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application cr… CWE-20
 Improper Input Validation  		CVE-2017-7957 2024-11-21 12:33 2017-04-30 Show GitHub Exploit DB Packet Storm
252540 8.8 HIGH
Network 		enalean
phpwiki_project 		tuleap
phpwiki 		Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki before … CWE-78
OS Command  		CVE-2017-7981 2024-11-21 12:33 2017-04-30 Show GitHub Exploit DB Packet Storm