Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256291 6.8 警告 アップル
GNU Project
サン・マイクロシステムズ
サイバートラスト株式会社
レッドハット		 - GNU tar の contains_dot_dot() 関数におけるディレクトリトラバーサルの脆弱性 - CVE-2007-4131 2010-01-18 12:21 2007-08-23 Show GitHub Exploit DB Packet Storm
256292 4.6 警告 IBM - IBM DB2 の dasauto における管理者権限を持たないユーザが実行可能な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4150 2010-01-15 14:10 2009-12-2 Show GitHub Exploit DB Packet Storm
256293 2.1 注意 サン・マイクロシステムズ - Sun Solaris の ldap_cachemgr におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-4080 2010-01-15 14:10 2009-11-24 Show GitHub Exploit DB Packet Storm
256294 5 警告 サン・マイクロシステムズ - Sun Solaris の sshd におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-4075 2010-01-15 14:09 2009-11-23 Show GitHub Exploit DB Packet Storm
256295 2.6 注意 オラクル - Oracle Application Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2010-01-14 15:01 2010-01-14 Show GitHub Exploit DB Packet Storm
256296 9.3 危険 マイクロソフト - Microsoft Internet Explorer に脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3672 2010-01-14 12:08 2009-11-25 Show GitHub Exploit DB Packet Storm
256297 9.3 危険 サン・マイクロシステムズ
VMware		 - Sun Java SE の java.lang パッケージにおける脆弱性 CWE-362
競合状態 		CVE-2009-2724 2010-01-14 12:08 2009-08-10 Show GitHub Exploit DB Packet Storm
256298 10 危険 サン・マイクロシステムズ
VMware		 - Sun Java SE の Provider クラスにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-2721 2010-01-14 12:08 2009-08-10 Show GitHub Exploit DB Packet Storm
256299 5 警告 有限会社シースリー - WebCalenderC3 におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-0348 2010-01-12 15:01 2010-01-12 Show GitHub Exploit DB Packet Storm
256300 4.3 警告 有限会社シースリー - WebCalenderC3 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0349 2010-01-12 15:00 2010-01-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266771 9.8 CRITICAL
Network 		php php Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service (application crash) or possibly have… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-2554 2024-11-21 11:48 2016-05-16 Show GitHub Exploit DB Packet Storm
266772 9.8 CRITICAL
Network 		meteocontrol web\'log_pro
web\'log_pro_unlimited
web\'log_basic_100
web\'log_light 		Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors. CWE-200
Information Exposure 		CVE-2016-2298 2024-11-21 11:48 2016-05-15 Show GitHub Exploit DB Packet Storm
266773 9.4 CRITICAL
Network 		meteocontrol web\'log_pro
web\'log_pro_unlimited
web\'log_basic_100
web\'log_light 		Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature." NVD-CWE-noinfo
CVE-2016-2297 2024-11-21 11:48 2016-05-15 Show GitHub Exploit DB Packet Storm
266774 9.4 CRITICAL
Network 		meteocontrol web\'log_pro
web\'log_pro_unlimited
web\'log_basic_100
web\'log_light 		Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote attackers to obtain sensitive information or modify dat… CWE-254
 7PK - Security Features 		CVE-2016-2296 2024-11-21 11:48 2016-05-15 Show GitHub Exploit DB Packet Storm
266775 6.5 MEDIUM
Network 		openafs
debian 		openafs
debian_linux 		The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups … CWE-284
Improper Access Control 		CVE-2016-2860 2024-11-21 11:48 2016-05-14 Show GitHub Exploit DB Packet Storm
266776 7.5 HIGH
Network 		fedoraproject
botan_project 		fedora
botan 		Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors. CWE-20
 Improper Input Validation  		CVE-2016-2850 2024-11-21 11:48 2016-05-13 Show GitHub Exploit DB Packet Storm
266777 7.5 HIGH
Network 		debian
fedoraproject
botan_project 		debian_linux
fedora
botan 		Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret ke… CWE-200
Information Exposure 		CVE-2016-2849 2024-11-21 11:48 2016-05-13 Show GitHub Exploit DB Packet Storm
266778 9.8 CRITICAL
Network 		botan_project botan Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code v… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-2196 2024-11-21 11:48 2016-05-13 Show GitHub Exploit DB Packet Storm
266779 9.8 CRITICAL
Network 		botan_project
debian 		botan
debian_linux 		Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point,… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-2195 2024-11-21 11:48 2016-05-13 Show GitHub Exploit DB Packet Storm
266780 7.5 HIGH
Network 		debian
botan_project 		debian_linux
botan 		The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a c… CWE-20
 Improper Input Validation  		CVE-2016-2194 2024-11-21 11:48 2016-05-13 Show GitHub Exploit DB Packet Storm