Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229571 6.8 警告 phparanoid - PHParanoid におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-5672 2012-12-20 19:10 2008-12-18 Show GitHub Exploit DB Packet Storm
229572 6.8 警告 Textpattern - Textpattern におけるセッションのハイジャック後パスワードを変更される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-5670 2012-12-20 19:10 2008-12-18 Show GitHub Exploit DB Packet Storm
229573 5 警告 Textpattern - Textpattern のコメントプレビューセクションにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5669 2012-12-20 19:10 2008-12-18 Show GitHub Exploit DB Packet Storm
229574 4.3 警告 Textpattern - Textpattern におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5668 2012-12-20 19:10 2008-12-18 Show GitHub Exploit DB Packet Storm
229575 5 警告 VirusBlokAda Ltd. - VirusBlokAda VBA32 Personal Antivirus のスキャンエンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-5667 2012-12-20 19:10 2008-12-18 Show GitHub Exploit DB Packet Storm
229576 3.5 注意 WING FTP software - WinFTP FTP Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-5666 2012-12-20 18:52 2008-12-18 Show GitHub Exploit DB Packet Storm
229577 7.5 危険 XOOPS - XOOPS の xhresim モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5665 2012-12-20 18:52 2008-12-18 Show GitHub Exploit DB Packet Storm
229578 9.3 危険 Realtek Semiconductor Corp - Realtek Media Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5664 2012-12-20 18:52 2008-12-18 Show GitHub Exploit DB Packet Storm
229579 7.5 危険 Quassel IRC - Quassel Core における CRLF インジェクションの脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5657 2012-12-20 18:52 2008-10-27 Show GitHub Exploit DB Packet Storm
229580 4.3 警告 TYPO3 Association - TYPO3 の felogin system エクステンション用の frontend プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5656 2012-12-20 18:52 2008-12-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3351 7.5 HIGH
Network 		- - Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can generate a payload… CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2021-47970 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
3352 7.5 HIGH
Network 		- - My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a pa… CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2021-47971 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
3353 7.5 HIGH
Network 		- - Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can p… CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2021-47972 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
3354 7.5 HIGH
Network 		- - Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can gener… CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2021-47973 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
3355 7.2 HIGH
Network 		- - WP Learn Manager 1.1.2 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the fieldtitle parameter. Attackers can submit PO… CWE-79
Cross-site Scripting 		CVE-2021-47975 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
3356 6.2 MEDIUM
Local 		- - ProcessMaker 3.5.4 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting improper path traversal validation. Attackers can send req… CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2021-47978 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
3357 5.4 MEDIUM
Network 		- - Zechat 1.5 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows an attacker to change a user's information by bypassing anti-CSRF protections. The application uses a CSRF token, but… CWE-352
 Origin Validation Error 		CVE-2018-25334 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
3358 8.2 HIGH
Network 		- - Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract database information using union-based techniques. Attackers can exploit th… CWE-89
SQL Injection 		CVE-2018-25338 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
3359 8.2 HIGH
Network 		- - Zechat 1.5 contains a SQL injection vulnerability in the v parameter that allows unauthenticated attackers to extract database information using time-based blind techniques. Attackers can exploit the… CWE-89
SQL Injection 		CVE-2018-25339 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
3360 8.4 HIGH
Local 		- - Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can… CWE-121
Stack-based Buffer Overflow 		CVE-2018-25322 2026-05-19 02:29 2026-05-17 Show GitHub Exploit DB Packet Storm