Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250941 7.5 危険 Ruby on Rails project - Ruby on Rails における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-0448 2012-03-27 18:42 2011-02-8 Show GitHub Exploit DB Packet Storm
250942 6.8 警告 Ruby on Rails project - Ruby on Rails におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-0447 2012-03-27 18:42 2011-02-8 Show GitHub Exploit DB Packet Storm
250943 4.3 警告 Ruby on Rails project - Ruby on Rails の mail_to ヘルパーにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-0446 2012-03-27 18:42 2011-02-9 Show GitHub Exploit DB Packet Storm
250944 6.8 警告 TinyBB - TinyBB における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-0443 2012-03-27 18:42 2011-01-12 Show GitHub Exploit DB Packet Storm
250945 3.5 注意 DELL EMC (旧 EMC Corporation) - EMC Avamar のサービスユーティリティにおける重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2011-0442 2012-03-27 18:42 2011-03-16 Show GitHub Exploit DB Packet Storm
250946 6.3 警告 The PHP Group - PHP の Debian GNU/Linux /etc/cron.d/php5 クーロンジョブにおける任意のファイルを削除される脆弱性 CWE-59
リンク解釈の問題 		CVE-2011-0441 2012-03-27 18:42 2011-03-29 Show GitHub Exploit DB Packet Storm
250947 5.8 警告 Mahara - Mahara におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-0440 2012-03-27 18:42 2011-03-28 Show GitHub Exploit DB Packet Storm
250948 4.3 警告 Mahara - Mahara におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-0439 2012-03-27 18:42 2011-03-28 Show GitHub Exploit DB Packet Storm
250949 6.8 警告 arthurdejong - nss-pam-ldapd PAM モジュールにおける認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2011-0438 2012-03-27 18:42 2011-03-15 Show GitHub Exploit DB Packet Storm
250950 4 警告 GPLHost - DTC の shared/inc/sql/ssh.php における任意のアカウントを削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-0437 2012-03-27 18:42 2011-03-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266311 7.8 HIGH
Local 		linux linux_kernel drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other i… CWE-190
 Integer Overflow or Wraparound 		CVE-2016-9084 2024-11-21 12:00 2016-11-28 Show GitHub Exploit DB Packet Storm
266312 7.8 HIGH
Local 		linux linux_kernel drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact… CWE-119
CWE-190
Incorrect Access of Indexable Resource ('Range Error') 
 Integer Overflow or Wraparound 		CVE-2016-9083 2024-11-21 12:00 2016-11-28 Show GitHub Exploit DB Packet Storm
266313 9.8 CRITICAL
Network 		siemens ccid1445-dn18_firmware
ccid1445-dn28_firmware
ccid1445-dn36_firmware
ccis1425_firmware
ccmd3025-dn18_firmware
ccms2025_firmware
ccmw1025_firmware
ccmw3025_firmware
ccpw3025_fi… 		The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41_SP18_S1; CCPW3025, CCPW5025 prior to version 0.1.73_S1; CCMD3025-DN18 prior to version v1.394_S1; … CWE-284
Improper Access Control 		CVE-2016-9155 2024-11-21 12:00 2016-11-22 Show GitHub Exploit DB Packet Storm
266314 7.8 HIGH
Local 		paloaltonetworks pan-os Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows local users to gain privileges via crafted v… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-9151 2024-11-21 12:00 2016-11-19 Show GitHub Exploit DB Packet Storm
266315 9.8 CRITICAL
Network 		paloaltonetworks pan-os Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-9150 2024-11-21 12:00 2016-11-19 Show GitHub Exploit DB Packet Storm
266316 6.5 MEDIUM
Network 		paloaltonetworks pan-os The Addresses Object parser in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 mishandles single qu… CWE-19
 Data Processing Errors 		CVE-2016-9149 2024-11-21 12:00 2016-11-19 Show GitHub Exploit DB Packet Storm
266317 5.5 MEDIUM
Local 		xmlsoft
canonical 		libxml2
ubuntu_linux 		libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, … CWE-611
XXE 		CVE-2016-9318 2024-11-21 12:00 2016-11-16 Show GitHub Exploit DB Packet Storm
266318 9.8 CRITICAL
Network 		exponentcms exponent_cms In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untrusted input is passed into getSearchResults. The method getSearchResults is defined in the search m… CWE-89
SQL Injection 		CVE-2016-9287 2024-11-21 12:00 2016-11-15 Show GitHub Exploit DB Packet Storm
266319 8.8 HIGH
Network 		dotcms dotcms SQL injection vulnerability in the "Site Browser > HTML pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. CWE-89
SQL Injection 		CVE-2016-8908 2024-11-21 12:00 2016-11-15 Show GitHub Exploit DB Packet Storm
266320 8.8 HIGH
Network 		dotcms dotcms SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. CWE-89
SQL Injection 		CVE-2016-8907 2024-11-21 12:00 2016-11-15 Show GitHub Exploit DB Packet Storm