Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232521 7.5 危険 phpcredo - PHCDownload の admin/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6596 2012-12-20 19:10 2009-04-3 Show GitHub Exploit DB Packet Storm
232522 7.5 危険 TYPO3 Association - TYPO3 用の pmk_rssnewsexport エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6595 2012-12-20 19:10 2009-04-3 Show GitHub Exploit DB Packet Storm
232523 7.5 危険 TYPO3 Association - TYPO3 用の cm_rdfexport エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6594 2012-12-20 19:10 2009-04-3 Show GitHub Exploit DB Packet Storm
232524 6.8 警告 Vuze, Inc. - Vuze の index.tmpl におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6587 2012-12-20 19:10 2009-04-3 Show GitHub Exploit DB Packet Storm
232525 6.8 警告 BitTorrent, Inc. - uTorrent WebUI の gui/index.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6586 2012-12-20 19:10 2009-04-3 Show GitHub Exploit DB Packet Storm
232526 6.8 警告 TorrentFlux - TorrentFlux の html/admin.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-6585 2012-12-20 19:10 2009-04-3 Show GitHub Exploit DB Packet Storm
232527 6 警告 TorrentFlux - TorrentFlux の html/index.php における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6584 2012-12-20 19:10 2009-04-3 Show GitHub Exploit DB Packet Storm
232528 6.8 警告 yehe - Yehe における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6568 2012-12-20 19:10 2009-03-31 Show GitHub Exploit DB Packet Storm
232529 10 危険 puppetmaster - The Puppet Master WebUtil の cgi-bin/webutil.pl における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6557 2012-12-20 19:10 2009-03-30 Show GitHub Exploit DB Packet Storm
232530 10 危険 puppetmaster - The Puppet Master WebUtil の cgi-bin/webutil.pl における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-6556 2012-12-20 19:10 2009-03-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313341 7.5 HIGH
Network 		zoo_project zoo Zoo 2.10 has Directory traversal CWE-22
Path Traversal 		CVE-2005-2349 2024-11-21 08:59 2019-10-28 Show GitHub Exploit DB Packet Storm
313342 9.8 CRITICAL
Network 		wp-plugins secure_files A vulnerability, which was classified as critical, was found in almosteffortless secure-files Plugin up to 1.1 on WordPress. Affected is the function sf_downloads of the file secure-files.php. The ma… - CVE-2005-10002 2024-11-21 08:56 2023-10-30 Show GitHub Exploit DB Packet Storm
313343 6.1 MEDIUM
Network 		broadcom symantec_siteminder A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The man… CWE-601
Open Redirect 		CVE-2005-10001 2024-11-21 08:56 2022-03-29 Show GitHub Exploit DB Packet Storm
313344 9.8 CRITICAL
Network 		goscript_project goscript go.cgi in GoScript 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) query string or (2) artarchive parameter. NVD-CWE-Other
CVE-2004-2776 2024-11-21 08:54 2020-01-1 Show GitHub Exploit DB Packet Storm
313345 7.5 HIGH
Network 		underbit libid3tag id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition… CWE-399
 Resource Management Errors 		CVE-2004-2779 2024-11-21 08:54 2018-02-21 Show GitHub Exploit DB Packet Storm
313346 7.1 HIGH
Local 		gentoo portage Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted comm… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2004-2778 2024-11-21 08:54 2017-06-28 Show GitHub Exploit DB Packet Storm
313347 - gehealthcare centricity_image_vault_firmware GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value f… CWE-255
Credentials Management 		CVE-2004-2777 2024-11-21 08:54 2015-08-4 Show GitHub Exploit DB Packet Storm
313348 - oracle
redhat
bsd_mailx_project
heirloom 		linux
enterprise_linux
bsd_mailx
mailx 		The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address. CWE-20
 Improper Input Validation  		CVE-2004-2771 2024-11-21 08:54 2014-12-25 Show GitHub Exploit DB Packet Storm
313349 - cerberusftp ftp_server Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the "Display hidden files" option is enabled, via the (1) MLSD or (2) MLST commands. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2004-2769 2024-11-21 08:54 2010-07-3 Show GitHub Exploit DB Packet Storm
313350 - tsugio_okamoto lha Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to "command line processing," a di… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2004-0694 2024-11-21 08:49 2011-02-4 Show GitHub Exploit DB Packet Storm