Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
245411 4.3 警告 4shared - Starsgames Control Panel の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2458 2012-06-26 16:02 2008-05-27 Show GitHub Exploit DB Packet Storm
245412 7.5 危険 bitmixsoft - PHP-Jokesite の jokes_category.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2457 2012-06-26 16:02 2008-05-27 Show GitHub Exploit DB Packet Storm
245413 7.5 危険 comicshout - ComicShout の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2456 2012-06-26 16:02 2008-05-27 Show GitHub Exploit DB Packet Storm
245414 7.5 危険 e107coders - e107用 MacGuru BLOG Engine プラグインの comment.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2455 2012-06-26 16:02 2008-05-27 Show GitHub Exploit DB Packet Storm
245415 7.5 危険 ASP indir - Meto Forum における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2448 2012-06-26 16:02 2008-05-27 Show GitHub Exploit DB Packet Storm
245416 7.5 危険 calogic - CaLogic Calendars の userreg.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2444 2012-06-26 16:02 2008-05-27 Show GitHub Exploit DB Packet Storm
245417 7.5 危険 calendarix - Calendarix Basic における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2429 2012-06-26 16:02 2008-11-25 Show GitHub Exploit DB Packet Storm
245418 9.3 危険 carsten haitzler - Imlib におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-2426 2012-06-26 16:02 2008-06-2 Show GitHub Exploit DB Packet Storm
245419 7.5 危険 fichive - FicHive の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2425 2012-06-26 16:02 2008-05-23 Show GitHub Exploit DB Packet Storm
245420 7.5 危険 fichive - FicHive の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2416 2012-06-26 16:02 2008-05-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1701 6.5 MEDIUM
Network 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pam_usb builds XPath expressions from user-supplied identifiers (PAM username, service name) and dev… CWE-91
Blind XPath Injection 		CVE-2026-47273 2026-05-28 22:57 2026-05-28 Show GitHub Exploit DB Packet Storm
1702 6.3 MEDIUM
Local 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, multiple pam_usb helper tools resolved external binaries through the PATH environment variable rathe… CWE-427
 Uncontrolled Search Path Element 		CVE-2026-47274 2026-05-28 22:57 2026-05-28 Show GitHub Exploit DB Packet Storm
1703 5.7 MEDIUM
Local 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the ad… CWE-362
CWE-476
Race Condition
 NULL Pointer Dereference 		CVE-2026-48066 2026-05-28 22:57 2026-05-28 Show GitHub Exploit DB Packet Storm
1704 4.4 MEDIUM
Local 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event* nodes, causing pusb_has_vi… CWE-390
CWE-693
 Detection of Error Condition Without Action
 Protection Mechanism Failure 		CVE-2026-48792 2026-05-28 22:57 2026-05-28 Show GitHub Exploit DB Packet Storm
1705 7.8 HIGH
Local 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRY_FALLBACK_APP environment variable and executes it directly withou… CWE-78
OS Command  		CVE-2026-44709 2026-05-28 22:57 2026-05-28 Show GitHub Exploit DB Packet Storm
1706 8.1 HIGH
Network 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display manage… CWE-863
 Incorrect Authorization 		CVE-2026-48064 2026-05-28 22:57 2026-05-28 Show GitHub Exploit DB Packet Storm
1707 6.7 MEDIUM
Local 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/conf.c allocates heap memory proportional to n_devices, a count derived from libxml2 XPath evalu… CWE-122
CWE-190
Heap-based Buffer Overflow
 Integer Overflow or Wraparound 		CVE-2026-48065 2026-05-28 22:57 2026-05-28 Show GitHub Exploit DB Packet Storm
1708 4.6 MEDIUM
Physics 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/device.c passed the return values of udisks_drive_get_serial(), udisks_drive_get_vendor(), and u… CWE-476
 NULL Pointer Dereference 		CVE-2026-44710 2026-05-28 22:57 2026-05-28 Show GitHub Exploit DB Packet Storm
1709 8.2 HIGH
Local 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $(id>/tmp/rce) in the config causes root RCE when pamusb-conf --reset-pads is… CWE-78
CWE-88
OS Command 
Argument Injection 		CVE-2026-44712 2026-05-28 22:57 2026-05-28 Show GitHub Exploit DB Packet Storm
1710 8.8 HIGH
Local 		- - pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/tmux.c reads the user's $TMUX environment variable, splits it on commas, and interpolates the so… CWE-78
CWE-116
OS Command 
 Improper Encoding or Escaping of Output 		CVE-2026-44713 2026-05-28 22:57 2026-05-28 Show GitHub Exploit DB Packet Storm