Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229471	7.5	危険	webdynamite	-	WebDynamite ProjectButler の pda_projects.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-2791	2012-12-20 19:10	2009-08-17	Show	GitHub Exploit DB Packet Storm

229472	7.5	危険	softbiz	-	SoftBiz Dating Script の cat_products.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2790	2012-12-20 19:10	2009-08-17	Show	GitHub Exploit DB Packet Storm

229473	6.8	警告	reputation	-	PunBB 用の Reputation プラグインにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-2787	2012-12-20 19:10	2009-08-17	Show	GitHub Exploit DB Packet Storm

229474	7.5	危険	reputation	-	PunBB 用の Reputation プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2786	2012-12-20 19:10	2009-08-17	Show	GitHub Exploit DB Packet Storm

229475	4.3	警告	XOOPS	-	XOOPS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2783	2012-12-20 19:10	2009-08-17	Show	GitHub Exploit DB Packet Storm

229476	7.5	危険	sellatsite.com	-	Smart ASP Survey の showresult.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2776	2012-12-20 19:10	2009-08-14	Show	GitHub Exploit DB Packet Storm

229477	7.5	危険	phparcadescript	-	PHP Arcade Script の linkout.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2775	2012-12-20 19:10	2009-08-14	Show	GitHub Exploit DB Packet Storm

229478	7.5	危険	php-paid4mail	-	PHP Paid 4 Mail Script の paidbanner.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-2774	2012-12-20 19:10	2009-08-14	Show	GitHub Exploit DB Packet Storm

229479	7.5	危険	shop-020	-	PHP Paid 4 Mail Script の home.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-2773	2012-12-20 19:10	2009-08-14	Show	GitHub Exploit DB Packet Storm

229480	4.3	警告	realtysoft	-	PG Roommate Finder Solution におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2772	2012-12-20 19:10	2009-08-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
220711	8.8	HIGH Network	hdfgroup	hdf5	An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c.	CWE-125 Out-of-bounds Read	CVE-2019-9152	2024-11-21 13:51	2019-02-26	Show	GitHub Exploit DB Packet Storm

220712	8.8	HIGH Network	hdfgroup	hdf5	An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5VM_memcpyvv in H5VM.c when called from H5D__compact_readvv in H5Dcompact.c.	CWE-125 Out-of-bounds Read	CVE-2019-9151	2024-11-21 13:51	2019-02-26	Show	GitHub Exploit DB Packet Storm

220713	7.5	HIGH Adjacent	jamf	self_service	Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain a root shell by leveraging the "publish Bash shell scripts" feature to insert "/Applications/Utilities/Terminal app/Contents/MacO…	NVD-CWE-noinfo	CVE-2019-9146	2024-11-21 13:51	2019-02-26	Show	GitHub Exploit DB Packet Storm

220714	6.1	MEDIUM Network	hsycms	hsycms	An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page.	CWE-79 Cross-site Scripting	CVE-2019-9145	2024-11-21 13:51	2019-02-26	Show	GitHub Exploit DB Packet Storm

220715	8.8	HIGH Network	exiv2	exiv2	An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Deni…	CWE-674 Uncontrolled Recursion	CVE-2019-9144	2024-11-21 13:51	2019-02-26	Show	GitHub Exploit DB Packet Storm

220716	8.8	HIGH Network	exiv2	exiv2	An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause D…	CWE-674 Uncontrolled Recursion	CVE-2019-9143	2024-11-21 13:51	2019-02-26	Show	GitHub Exploit DB Packet Storm

220717	6.1	MEDIUM Network	b3log	symphony	An issue was discovered in b3log Symphony (aka Sym) before v3.4.7. XSS exists via the userIntro and userNickname fields to processor/SettingsProcessor.java.	CWE-79 Cross-site Scripting	CVE-2019-9142	2024-11-21 13:51	2019-02-26	Show	GitHub Exploit DB Packet Storm

220718	7.5	HIGH Network	dlink	dir-825_rev.b_firmware	An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is an information disclosure vulnerability via requests for the router_info.xml document. This will reveal the PIN code, MAC addres…	CWE-200 Information Exposure	CVE-2019-9126	2024-11-21 13:51	2019-02-25	Show	GitHub Exploit DB Packet Storm

220719	9.8	CRITICAL Network	d-link	dir-878_firmware	An issue was discovered on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a stack-based buffer overflow vulnerability that does not require authentication via the HNAP_AUTH HTTP…	CWE-787 CWE-306 Out-of-bounds Write Missing Authentication for Critical Function	CVE-2019-9125	2024-11-21 13:51	2019-02-25	Show	GitHub Exploit DB Packet Storm

220720	9.8	CRITICAL Network	d-link	dir-878_firmware	An issue was discovered on D-Link DIR-878 1.12B01 devices. At the /HNAP1 URI, an attacker can log in with a blank password.	CWE-287 Improper Authentication	CVE-2019-9124	2024-11-21 13:51	2019-02-25	Show	GitHub Exploit DB Packet Storm