Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245531 7.5 危険 classifieds caffe - Classifieds Caffe の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1936 2012-06-26 16:02 2008-04-25 Show GitHub Exploit DB Packet Storm
245532 7.5 危険 crazy goomba - Crazy Goomba の commentaires.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1934 2012-06-26 16:02 2008-04-25 Show GitHub Exploit DB Packet Storm
245533 7.1 危険 Digium - Asterisk の IAX2 チャネルドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-16
環境設定 		CVE-2008-1923 2012-06-26 16:02 2008-04-22 Show GitHub Exploit DB Packet Storm
245534 7.5 危険 5th avenue software - 5th Avenue Shopping Cart の store_pages/category_list.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1921 2012-06-26 16:02 2008-04-23 Show GitHub Exploit DB Packet Storm
245535 4.3 警告 amfphp - AMFPHP におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1917 2012-06-26 16:02 2008-04-23 Show GitHub Exploit DB Packet Storm
245536 7.5 危険 devworx - DevWorx BlogWorx の view.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1915 2012-06-26 16:02 2008-04-23 Show GitHub Exploit DB Packet Storm
245537 10 危険 BigAntSoft - BigAnt Messenger の AntServer モジュールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1914 2012-06-26 16:02 2008-04-22 Show GitHub Exploit DB Packet Storm
245538 9.3 危険 DivX - DivX Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1912 2012-06-26 16:02 2008-04-22 Show GitHub Exploit DB Packet Storm
245539 6.8 警告 1024cms - 1024 CMS の includes/system.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1911 2012-06-26 16:02 2008-04-22 Show GitHub Exploit DB Packet Storm
245540 10 危険 Borland Software Corporation - Borland InterBase のibserver.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1910 2012-06-26 16:02 2008-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
253091 7.8 HIGH
Local 		gnu bash The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double quote) character and a command substitution metacharacter. CWE-20
 Improper Input Validation  		CVE-2017-5932 2024-11-21 12:28 2017-03-28 Show GitHub Exploit DB Packet Storm
253092 8.8 HIGH
Local 		qemu qemu Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code … CWE-190
 Integer Overflow or Wraparound 		CVE-2017-5931 2024-11-21 12:28 2017-03-28 Show GitHub Exploit DB Packet Storm
253093 7.0 HIGH
Local 		s-nail_project s-nail Directory traversal vulnerability in the setuid root helper binary in S-nail (later S-mailx) before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a … CWE-22
CWE-362
Path Traversal
Race Condition 		CVE-2017-5899 2024-11-21 12:28 2017-03-28 Show GitHub Exploit DB Packet Storm
253094 7.5 HIGH
Network 		openbsd openbsd httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2017-5850 2024-11-21 12:28 2017-03-28 Show GitHub Exploit DB Packet Storm
253095 9.8 CRITICAL
Network 		intelliants subrion_cms Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter. CWE-89
SQL Injection 		CVE-2017-6013 2024-11-21 12:28 2017-03-27 Show GitHub Exploit DB Packet Storm
253096 6.1 MEDIUM
Network 		dotcms dotcms dotCMS 3.7.0 has XSS reachable from ext/languages_manager/edit_language in portal/layout via the bottom two form fields. CWE-79
Cross-site Scripting 		CVE-2017-6003 2024-11-21 12:28 2017-03-27 Show GitHub Exploit DB Packet Storm
253097 8.8 HIGH
Network 		intelliants subrion_cms Subrion CMS 4.0.5.10 has CSRF in admin/blog/add/. The attacker can add any blog entry, and can optionally insert XSS into that entry via the body parameter. CWE-352
 Origin Validation Error 		CVE-2017-6002 2024-11-21 12:28 2017-03-27 Show GitHub Exploit DB Packet Storm
253098 5.9 MEDIUM
Physics 		oneplus oxygenos With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open … CWE-276
Incorrect Default Permissions  		CVE-2017-5622 2024-11-21 12:28 2017-03-27 Show GitHub Exploit DB Packet Storm
253099 8.8 HIGH
Network 		nuxeo nuxeo Directory traversal vulnerability in the file import feature in Nuxeo Platform 6.0, 7.1, 7.2, and 7.3 allows remote authenticated users to upload and execute arbitrary JSP code via a .. (dot dot) in … CWE-22
Path Traversal 		CVE-2017-5869 2024-11-21 12:28 2017-03-24 Show GitHub Exploit DB Packet Storm
253100 5.5 MEDIUM
Local 		apache poi Apache POI in versions prior to release 3.15 allows remote attackers to cause a denial of service (CPU consumption) via a specially crafted OOXML file, aka an XML Entity Expansion (XEE) attack. CWE-776
XML Entity Expansion 		CVE-2017-5644 2024-11-21 12:28 2017-03-24 Show GitHub Exploit DB Packet Storm