Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252051	4.3	警告	My Kazaam	-	My Kazaam Notes Management System におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4985	2011-12-9 14:35	2011-11-1	Show	GitHub Exploit DB Packet Storm

252052	7.5	危険	Cafuego	-	Simple Document Management System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4986	2011-12-9 14:34	2011-11-1	Show	GitHub Exploit DB Packet Storm

252053	7.5	危険	KMSoft	-	KMSoft Guestbook の default.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4987	2011-12-9 14:34	2011-11-1	Show	GitHub Exploit DB Packet Storm

252054	7.5	危険	FamilyCMS	-	Family Connections Who is Chatting における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-4988	2011-12-9 14:33	2011-11-1	Show	GitHub Exploit DB Packet Storm

252055	7.5	危険	Farsi CMS	-	Ziggurat Farsi CMS の main.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4989	2011-12-9 14:28	2011-11-1	Show	GitHub Exploit DB Packet Storm

252056	7.5	危険	B-Elektro	-	Joomla! 用 Front-edit Address Book コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4990	2011-12-9 14:28	2011-11-1	Show	GitHub Exploit DB Packet Storm

252057	7.5	危険	Ninja Forge	-	Joomla! 用 NinjaMonials コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4991	2011-12-9 14:27	2011-11-1	Show	GitHub Exploit DB Packet Storm

252058	7.5	危険	Payments Plus	-	Joomla! 用 Payments Plus コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4992	2011-12-9 14:26	2011-11-1	Show	GitHub Exploit DB Packet Storm

252059	7.5	危険	Kay Messerschmidt	-	Joomla! 用 eventcal コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4993	2011-12-9 14:26	2011-11-1	Show	GitHub Exploit DB Packet Storm

252060	7.5	危険	Instant Php	-	Joomla! 用 Jobs Pro コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4994	2011-12-9 14:25	2011-11-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
265741	9.8	CRITICAL Network	php	php	Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argumen…	CWE-190 Integer Overflow or Wraparound	CVE-2016-4344	2024-11-21 11:51	2016-05-22	Show	GitHub Exploit DB Packet Storm

265742	8.8	HIGH Network	php opensuse	php opensuse	The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service…	CWE-824 Access of Uninitialized Pointer	CVE-2016-4343	2024-11-21 11:51	2016-05-22	Show	GitHub Exploit DB Packet Storm

265743	8.8	HIGH Network	opensuse php	leap php	ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memor…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-4342	2024-11-21 11:51	2016-05-22	Show	GitHub Exploit DB Packet Storm

265744	7.5	HIGH Network	gnome debian opensuse	librsvg debian_linux leap opensuse	The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an S…	CWE-20 Improper Input Validation	CVE-2016-4348	2024-11-21 11:51	2016-05-20	Show	GitHub Exploit DB Packet Storm

265745	9.8	CRITICAL Network	php apple	php mac_os_x	Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-4073	2024-11-21 11:51	2016-05-20	Show	GitHub Exploit DB Packet Storm

265746	9.8	CRITICAL Network	php apple	php mac_os_x	The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 chara…	CWE-20 Improper Input Validation	CVE-2016-4072	2024-11-21 11:51	2016-05-20	Show	GitHub Exploit DB Packet Storm

265747	9.8	CRITICAL Network	php apple	php mac_os_x	Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via for…	CWE-20 Improper Input Validation	CVE-2016-4071	2024-11-21 11:51	2016-05-20	Show	GitHub Exploit DB Packet Storm

265748	7.5	HIGH Network	php	php	Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (applica…	CWE-189 Numeric Errors	CVE-2016-4070	2024-11-21 11:51	2016-05-20	Show	GitHub Exploit DB Packet Storm

265749	9.8	CRITICAL Network	lantronix	xprintserver_firmware	Lantronix xPrintServer devices with firmware before 5.0.1-65 have hardcoded credentials, which allows remote attackers to obtain root access via unspecified vectors.	CWE-255 NVD-CWE-Other Credentials Management	CVE-2016-4325	2024-11-21 11:51	2016-05-15	Show	GitHub Exploit DB Packet Storm

265750	9.8	CRITICAL Network	enlightenment debian opensuse	imlib2 debian_linux opensuse	Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write opera…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-4024	2024-11-21 11:51	2016-05-14	Show	GitHub Exploit DB Packet Storm