Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251821	2.6	注意	SquirrelMail Project	-	SquirrelMail 用プラグイン Autocomplete におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0323	2012-03-9 12:01	2012-03-9	Show	GitHub Exploit DB Packet Storm

251822	10	危険	Goforandroid	-	Android 用 GO Message Widget アプリケーションにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2012-1407	2012-03-9 11:26	2011-03-7	Show	GitHub Exploit DB Packet Storm

251823	10	危険	Goforandroid	-	Android 用 GO Bookmark Widget アプリケーションにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2012-1406	2012-03-9 11:24	2011-03-7	Show	GitHub Exploit DB Packet Storm

251824	10	危険	Goforandroid	-	Android 用 GO Note Widget アプリケーションにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2012-1405	2012-03-9 11:23	2011-03-7	Show	GitHub Exploit DB Packet Storm

251825	10	危険	Goforandroid	-	Android 用 GO WeiboWidget アプリケーションにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2012-1398	2012-03-9 11:22	2012-03-7	Show	GitHub Exploit DB Packet Storm

251826	10	危険	Goforandroid	-	Android 用 GO QQWeiboWidget アプリケーションにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2012-1397	2012-03-9 11:16	2012-03-7	Show	GitHub Exploit DB Packet Storm

251827	10	危険	Goforandroid	-	Android 用 GO FBWidget アプリケーションにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2012-1396	2012-03-9 11:15	2012-03-7	Show	GitHub Exploit DB Packet Storm

251828	10	危険	Goforandroid	-	Android 用 GO TwiWidget アプリケーションにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2012-1395	2012-03-9 11:10	2012-03-7	Show	GitHub Exploit DB Packet Storm

251829	10	危険	Goforandroid	-	Android 用 GO Email Widget アプリケーションにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2012-1394	2012-03-9 11:08	2012-03-7	Show	GitHub Exploit DB Packet Storm

251830	10	危険	Goforandroid	-	Android 用 GO SMS Pro アプリケーションにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2012-1393	2012-03-9 11:06	2012-03-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
265301	9.8	CRITICAL Network	exponentcms	exponent_cms	SQL injection vulnerability in framework/modules/users/models/user.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.	CWE-89 SQL Injection	CVE-2016-7788	2024-11-21 11:58	2017-03-8	Show	GitHub Exploit DB Packet Storm

265302	9.8	CRITICAL Network	exponentcms	exponent_cms	SQL injection vulnerability in the getSection function in framework/core/subsystems/expRouter.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the s…	CWE-89 SQL Injection	CVE-2016-7784	2024-11-21 11:58	2017-03-8	Show	GitHub Exploit DB Packet Storm

265303	9.8	CRITICAL Network	exponentcms	exponent_cms	SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.	CWE-89 SQL Injection	CVE-2016-7783	2024-11-21 11:58	2017-03-8	Show	GitHub Exploit DB Packet Storm

265304	9.8	CRITICAL Network	exponentcms	exponent_cms	SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the src parameter.	CWE-89 SQL Injection	CVE-2016-7782	2024-11-21 11:58	2017-03-8	Show	GitHub Exploit DB Packet Storm

265305	9.8	CRITICAL Network	exponentcms	exponent_cms	SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author paramet…	CWE-89 SQL Injection	CVE-2016-7781	2024-11-21 11:58	2017-03-8	Show	GitHub Exploit DB Packet Storm

265306	9.8	CRITICAL Network	exponentcms	exponent_cms	SQL injection vulnerability in cron/find_help.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter.	CWE-89 SQL Injection	CVE-2016-7780	2024-11-21 11:58	2017-03-8	Show	GitHub Exploit DB Packet Storm

265307	7.5	HIGH Network	opensuse fedoraproject libass_project	leap opensuse fedora libass	The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.	CWE-399 Resource Management Errors	CVE-2016-7972	2024-11-21 11:58	2017-03-4	Show	GitHub Exploit DB Packet Storm

265308	7.5	HIGH Network	fedoraproject libass_project	fedora libass	Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-7970	2024-11-21 11:58	2017-03-4	Show	GitHub Exploit DB Packet Storm

265309	7.5	HIGH Network	opensuse fedoraproject libass_project	leap opensuse fedora libass	The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping …	CWE-125 Out-of-bounds Read	CVE-2016-7969	2024-11-21 11:58	2017-03-4	Show	GitHub Exploit DB Packet Storm

265310	3.3	LOW Local	irssi	buf.pl	The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from …	CWE-275 Permission Issues	CVE-2016-7553	2024-11-21 11:58	2017-02-28	Show	GitHub Exploit DB Packet Storm