Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245621 7.5 危険 bosdev - BosDev BosClassifieds の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6526 2012-06-26 16:10 2009-03-25 Show GitHub Exploit DB Packet Storm
245622 6.5 警告 cale dunlap - openInvoice の resetpass.php における任意のユーザパスワードを変更される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-6524 2012-06-26 16:10 2009-03-25 Show GitHub Exploit DB Packet Storm
245623 7.5 危険 cale dunlap - openInvoice の auth.php における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-6523 2012-06-26 16:10 2009-03-25 Show GitHub Exploit DB Packet Storm
245624 6.8 警告 devraj mukherjee - Terracotta の ContentRender.class.php の RenderFile 関数におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-6522 2012-06-26 16:10 2009-03-25 Show GitHub Exploit DB Packet Storm
245625 7.8 危険 devraj mukherjee - Terracotta の index.php における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-6521 2012-06-26 16:10 2009-03-25 Show GitHub Exploit DB Packet Storm
245626 6.2 警告 compiz - Compiz Fusion の Expo プラグインにおけるロックされたデスクトップへアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6514 2012-06-26 16:10 2009-03-24 Show GitHub Exploit DB Packet Storm
245627 6.8 警告 Andy's PHP Knowledgebase Project - Andy's PHP Knowledgebase の saa.php における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6513 2012-06-26 16:10 2009-03-24 Show GitHub Exploit DB Packet Storm
245628 6.8 警告 Google - Google Gears の WorkerPool API における同一送信元ポリシーを回避される脆弱性 CWE-Other
その他 		CVE-2008-6512 2012-06-26 16:10 2009-03-24 Show GitHub Exploit DB Packet Storm
245629 4.3 警告 codetoad - CodeToad ASP Shopping Cart Script におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6500 2012-06-26 16:10 2009-03-20 Show GitHub Exploit DB Packet Storm
245630 5.5 警告 Apache Friends - XAMPP の security/xamppsecurity.php における重要な変数を偽装される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6499 2012-06-26 16:10 2009-03-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
349831 - whm_autopilot whm_autopilot clogin.php in Benchmark Designs' WHM AutoPilot 2.4.5 and earlier allows remote attackers to obtain plaintext username and password credentials by using the clogin_e and base64_encode functions to enc… NVD-CWE-Other
CVE-2004-2524 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349832 - s9y serendipity Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable. NVD-CWE-Other
CVE-2004-2525 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349833 - ibm tivoli_directory_server Directory traversal vulnerability in ldacgi.exe in IBM Tivoli Directory Server 4.1 and earlier allows remote attackers to view arbitrary files via a .. (dot dot) in the Template parameter. NVD-CWE-Other
CVE-2004-2526 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349834 - - - The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+… NVD-CWE-Other
CVE-2004-2527 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349835 - - - The DoS flaw affects slower machines and those with less ram quicker than higher specification machines. On very hi-spec machines, the flaw does not seem to be exploitable. NVD-CWE-Other
CVE-2004-2527 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349836 - webcam_corp webcam_watchdog Cross-site scripting (XSS) vulnerability in sresult.exe in Webcam Watchdog 4.0.1a allows remote attackers to inject arbitrary web script or HTML via the cam parameter. NVD-CWE-Other
CVE-2004-2528 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349837 - gadu-gadu gadu-gadu_instant_messenger Gadu-Gadu allows remote attackers to bypass the "image send" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities. NVD-CWE-Other
CVE-2004-2529 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349838 - - - Visual truncation vulnerability in Gadu-Gadu allows remote attackers to spoof the file extension on transmitted files via a filename with a large number of spaces followed by the real extension, whic… NVD-CWE-Other
CVE-2004-2530 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349839 - gnu gnutls X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing lon… NVD-CWE-Other
CVE-2004-2531 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
349840 - fastream netfile_server Fastream NETFile Server 7.1.2 does not properly handle keep-alive connection timeouts and does not close the connection after a HEAD request, which allows remote attackers to perform a denial of serv… NVD-CWE-Other
CVE-2004-2534 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm