Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1561 6.1 警告
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-70890 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1562 6.1 警告
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-70891 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1563 9.8 緊急
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2025-70892 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1564 8.8 重要
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2025-70893 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1565 5.4 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-9222 2026-01-27 17:34 2026-01-9 Show GitHub Exploit DB Packet Storm
1566 8.8 重要
Network 		SAP Introscope Enterprise Manager SAPのIntroscope Enterprise Managerにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-0500 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1567 8.1 重要
Network 		- SAPのSAP Netweaver Application Server ABAPにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-0506 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1568 4.7 警告
Network 		SAP SAP Supplier Relationship Management SAPのSAP Supplier Relationship Managementにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-0513 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1569 7.5 重要
Network 		Elasticsearch B.V. Kibana Elasticsearch B.V.のKibanaにおける配列インデックスの検証に関する脆弱性 CWE-129
配列インデックスの不適切な検証 		CVE-2026-0528 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1570 6.5 警告
Network 		Elasticsearch B.V. Kibana Elasticsearch B.V.のKibanaにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-0530 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
282901 - novell groupwise_webaccess This has been fixed in any build of GroupWise 7 WebAccess dated after July 27, 2006. This has been fixed in any build of GroupWise 6.5 WebAccess dated after July 21, 2006. NVD-CWE-Other
CVE-2006-3818 2018-10-18 01:58 2006-08-11 Show GitHub Exploit DB Packet Storm
282902 - coppermine-gallery coppermine_photo_gallery Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, a… CWE-89
SQL Injection 		CVE-2008-0504 2018-10-17 01:50 2008-02-1 Show GitHub Exploit DB Packet Storm
282903 - gd_graphics_library gdlib Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index … CWE-189
Numeric Errors 		CVE-2007-3476 2018-10-17 01:50 2007-06-29 Show GitHub Exploit DB Packet Storm
282904 - libgd gd_graphics_library The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle de… CWE-399
 Resource Management Errors 		CVE-2007-3477 2018-10-17 01:50 2007-06-29 Show GitHub Exploit DB Packet Storm
282905 - gd_graphics_library gdlib Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspec… CWE-362
Race Condition 		CVE-2007-3478 2018-10-17 01:50 2007-06-29 Show GitHub Exploit DB Packet Storm
282906 - pc_soft windev Stack-based buffer overflow in PCSoft WinDEV 11 (01F110053p) allows user-assisted remote attackers to execute arbitrary code via a long string in the "used DLL" field in a WDP project file. NVD-CWE-Other
CVE-2007-3479 2018-10-17 01:50 2007-06-29 Show GitHub Exploit DB Packet Storm
282907 - pc_soft windev PCSoft WinDEV 11 (01F110053p) allows user-assisted remote attackers to cause a denial of service (infinite loop and resource consumption) via a malformed WDP project file. NVD-CWE-Other
CVE-2007-3480 2018-10-17 01:50 2007-06-29 Show GitHub Exploit DB Packet Storm
282908 - hp photo_digital_imaging_activex_control Absolute path traversal in a certain ActiveX control in hpqxml.dll 2.0.0.133 in Hewlett-Packard (HP) Photo Digital Imaging allows remote attackers to create or overwrite arbitrary files via the argum… CWE-22
Path Traversal 		CVE-2007-3487 2018-10-17 01:50 2007-06-30 Show GitHub Exploit DB Packet Storm
282909 - checkpoint vpn-1_utm_edge Cross-site request forgery (CSRF) vulnerability in pop/WizU.html in the management interface in Check Point VPN-1 Edge X Embedded NGX 7.0.33x on the Check Point VPN-1 UTM Edge allows remote attackers… NVD-CWE-Other
CVE-2007-3489 2018-10-17 01:50 2007-06-30 Show GitHub Exploit DB Packet Storm
282910 - progress openedge Buffer overflow in _mprosrv in Progress Software OpenEdge before 9.1E0422, and 10.x before 10.1B01, allows remote attackers to have an unknown impact via a malformed TCP/IP message. NVD-CWE-Other
CVE-2007-3491 2018-10-17 01:50 2007-06-30 Show GitHub Exploit DB Packet Storm