Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
91 8.8 重要
Network 		Shanghai UTT Technologies Co., Ltd. 520W ファームウェア Shanghai UTT Technologies Co., Ltd.の520W ファームウェアにおける複数の脆弱性 CWE-119
CWE-120
CVE-2026-1140 2026-02-6 10:37 2026-01-19 Show GitHub Exploit DB Packet Storm
92 5.4 警告
Network 		Django Software Foundation Django Django Software FoundationのDjangoにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-1207 2026-02-6 10:37 2026-02-3 Show GitHub Exploit DB Packet Storm
93 7.5 重要
Network 		Django Software Foundation Django Django Software FoundationのDjangoにおけるアルゴリズムの複雑さに関する脆弱性 CWE-407
アルゴリズムの複雑性 		CVE-2026-1285 2026-02-6 10:37 2026-02-3 Show GitHub Exploit DB Packet Storm
94 5.4 警告
Network 		Django Software Foundation Django Django Software FoundationのDjangoにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-1287 2026-02-6 10:37 2026-02-3 Show GitHub Exploit DB Packet Storm
95 5.4 警告
Network 		Django Software Foundation Django Django Software FoundationのDjangoにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-1312 2026-02-6 10:37 2026-02-3 Show GitHub Exploit DB Packet Storm
96 3.1
Network 		GitLab.org GitLab GitLab.orgのGitLabにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-1751 2026-02-6 10:37 2026-02-2 Show GitHub Exploit DB Packet Storm
97 7.5 重要
Network 		メディアテック NR15 メディアテックのNR15における複数の脆弱性 CWE-617
CWE-754
CVE-2026-20401 2026-02-6 10:37 2026-02-2 Show GitHub Exploit DB Packet Storm
98 7.5 重要
Network 		メディアテック NR15 メディアテックのNR15における境界外書き込みに関する脆弱性 CWE-787
CWE-noinfo
CVE-2026-20402 2026-02-6 10:37 2026-02-2 Show GitHub Exploit DB Packet Storm
99 7.5 重要
Network 		メディアテック nr16
NR17R
NR15
nr17 		メディアテックのNR15等の複数製品における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-20403 2026-02-6 10:37 2026-02-2 Show GitHub Exploit DB Packet Storm
100 7.5 重要
Network 		メディアテック nr16
NR17R
NR15
nr17 		メディアテックのNR15等の複数製品における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-20404 2026-02-6 10:37 2026-02-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
307651 - typo3 mimi_tipfriends Cross-site scripting (XSS) vulnerability in the Tip many friends (mimi_tipfriends) extension 0.0.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified… CWE-79
Cross-site Scripting 		CVE-2010-0346 2011-04-29 13:00 2010-01-16 Show GitHub Exploit DB Packet Storm
307652 - typo3 vd_gemomap Cross-site scripting (XSS) vulnerability in the VD / Geomap (vd_geomap) extension 0.3.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2010-0347 2011-04-29 13:00 2010-01-16 Show GitHub Exploit DB Packet Storm
307653 - c-3.co.jp webcalenderc3 Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers to read arbitrary files via unknown vectors. CWE-22
Path Traversal 		CVE-2010-0348 2011-04-29 13:00 2010-01-16 Show GitHub Exploit DB Packet Storm
307654 - c-3.co.jp webcalenderc3 Cross-site scripting (XSS) vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: this issue could not be … CWE-79
Cross-site Scripting 		CVE-2010-0349 2011-04-29 13:00 2010-01-16 Show GitHub Exploit DB Packet Storm
307655 - juniper junos Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial of service (crash) via malformed BGP packets, possibly BGP UPDATE packets that trigger session fla… CWE-20
 Improper Input Validation  		CVE-2007-6372 2011-04-29 13:00 2007-12-15 Show GitHub Exploit DB Packet Storm
307656 - suse opensuse
suse_linux 		SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-0230 2011-04-28 13:00 2010-01-23 Show GitHub Exploit DB Packet Storm
307657 - ibm lotus_domino Heap-based buffer overflow in the server in IBM Lotus Domino 7 and 8.5 FP1 allows remote attackers to cause a denial of service (daemon exit) and possibly have unspecified other impact via a long str… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0358 2011-04-28 13:00 2010-01-21 Show GitHub Exploit DB Packet Storm
307658 - sun java_system_web_server Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request… CWE-20
 Improper Input Validation  		CVE-2010-0360 2011-04-28 13:00 2010-01-21 Show GitHub Exploit DB Packet Storm
307659 - sun java_system_web_server Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to cause a denial of service (daemon crash) and poss… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0361 2011-04-28 13:00 2010-01-21 Show GitHub Exploit DB Packet Storm
307660 - tor tor Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for… CWE-200
Information Exposure 		CVE-2010-0384 2011-04-27 13:00 2010-01-26 Show GitHub Exploit DB Packet Storm