Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1561 6.1 警告
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-70890 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1562 6.1 警告
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-70891 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1563 9.8 緊急
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2025-70892 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1564 8.8 重要
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2025-70893 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1565 5.4 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-9222 2026-01-27 17:34 2026-01-9 Show GitHub Exploit DB Packet Storm
1566 8.8 重要
Network 		SAP Introscope Enterprise Manager SAPのIntroscope Enterprise Managerにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-0500 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1567 8.1 重要
Network 		- SAPのSAP Netweaver Application Server ABAPにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-0506 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1568 4.7 警告
Network 		SAP SAP Supplier Relationship Management SAPのSAP Supplier Relationship Managementにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-0513 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1569 7.5 重要
Network 		Elasticsearch B.V. Kibana Elasticsearch B.V.のKibanaにおける配列インデックスの検証に関する脆弱性 CWE-129
配列インデックスの不適切な検証 		CVE-2026-0528 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1570 6.5 警告
Network 		Elasticsearch B.V. Kibana Elasticsearch B.V.のKibanaにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-0530 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283321 - hp openview_network_node_manager ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory … CWE-399
 Resource Management Errors 		CVE-2008-0212 2018-10-16 06:58 2008-02-7 Show GitHub Exploit DB Packet Storm
283322 - yassl yassl yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-0227 2018-10-16 06:58 2008-01-11 Show GitHub Exploit DB Packet Storm
283323 - linksys wrt54gl Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators. CWE-352
 Origin Validation Error 		CVE-2008-0228 2018-10-16 06:58 2008-01-11 Show GitHub Exploit DB Packet Storm
283324 - level_one wbr-3460a The telnet service in LevelOne WBR-3460 4-Port ADSL 2/2+ Wireless Modem Router with firmware 1.00.11 and 1.00.12 does not require authentication, which allows remote attackers on the local or wireles… CWE-287
Improper Authentication 		CVE-2008-0229 2018-10-16 06:58 2008-01-11 Show GitHub Exploit DB Packet Storm
283325 - tuned_studios classic_theme
endless
freeze_theme
lonely_maple
music_theme
orange_cutout
subwoofer 		Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme we… CWE-22
Path Traversal 		CVE-2008-0231 2018-10-16 06:58 2008-01-11 Show GitHub Exploit DB Packet Storm
283326 - apple quicktime Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-0234 2018-10-16 06:58 2008-01-11 Show GitHub Exploit DB Packet Storm
283327 - sun java_system_identity_manager Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote attackers to inject arbitrary HTML or web script via the (1) cnt… CWE-79
Cross-site Scripting 		CVE-2008-0239 2018-10-16 06:58 2008-01-12 Show GitHub Exploit DB Packet Storm
283328 - sun java_system_identity_manager /idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via the helpUr… CWE-79
Cross-site Scripting 		CVE-2008-0240 2018-10-16 06:58 2008-01-12 Show GitHub Exploit DB Packet Storm
283329 - sun java_system_identity_manager Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct p… CWE-20
 Improper Input Validation  		CVE-2008-0241 2018-10-16 06:58 2008-01-12 Show GitHub Exploit DB Packet Storm
283330 - sap maxdb SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed… CWE-20
 Improper Input Validation  		CVE-2008-0244 2018-10-16 06:58 2008-01-12 Show GitHub Exploit DB Packet Storm