Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1561 6.1 警告
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-70890 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1562 6.1 警告
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-70891 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1563 9.8 緊急
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2025-70892 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1564 8.8 重要
Network 		PHPGurukul cyber cafe management system PHPGurukulのcyber cafe management systemにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2025-70893 2026-01-27 17:34 2026-01-15 Show GitHub Exploit DB Packet Storm
1565 5.4 警告
Network 		GitLab.org GitLab GitLab.orgのGitLabにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-9222 2026-01-27 17:34 2026-01-9 Show GitHub Exploit DB Packet Storm
1566 8.8 重要
Network 		SAP Introscope Enterprise Manager SAPのIntroscope Enterprise Managerにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-0500 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1567 8.1 重要
Network 		- SAPのSAP Netweaver Application Server ABAPにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-0506 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1568 4.7 警告
Network 		SAP SAP Supplier Relationship Management SAPのSAP Supplier Relationship Managementにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-0513 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1569 7.5 重要
Network 		Elasticsearch B.V. Kibana Elasticsearch B.V.のKibanaにおける配列インデックスの検証に関する脆弱性 CWE-129
配列インデックスの不適切な検証 		CVE-2026-0528 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
1570 6.5 警告
Network 		Elasticsearch B.V. Kibana Elasticsearch B.V.のKibanaにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-0530 2026-01-27 17:34 2026-01-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
305071 - jaws jaws Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows remote attackers to view arbitrary files via a .. (dot dot) in the gadget parameter. NVD-CWE-Other
CVE-2004-2445 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
305072 - 1st_class_internet_solutions 1st_class_mail_server Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors. NVD-CWE-Other
CVE-2004-2446 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
305073 - 1st_class_internet_solutions 1st_class_mail_server Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or HTML via the Mailbox parameter to (1) viewmail.tagz, (2) the index scr… NVD-CWE-Other
CVE-2004-2447 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
305074 - cassiopeia
itransact 		s-mart_shopping_cart
redicart 		S-Mart Shopping Cart or RediCart 3.9.5b stores smart.cfg under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the databa… NVD-CWE-Other
CVE-2004-2448 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
305075 - gamespy roger_wilco_dedicated_server
roger_wilco_graphical_server 		Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier allows remote attackers to cause a denial of service (application crash) via a long, malformed UDP datagram. NVD-CWE-Other
CVE-2004-2449 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
305076 - gamespy roger_wilco
roger_wilco_dedicated_server
roger_wilco_graphical_server
roger_wilco_mark 		The client and server for Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier report sensitive information such as IDs and source IP addresses, which allows remote attackers… NVD-CWE-Other
CVE-2004-2450 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
305077 - - - Roger Wilco 1.4.1.6 and earlier, or Roger Wilco Base Station 0.30a or earlier, allows remote attackers to send audio to arbitrary channels, aka the "Voices from the deep" bug. NVD-CWE-Other
CVE-2004-2451 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
305078 - - - Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, 01-01, 01-02, 02-01, 02-02, 02-03, and other versions allows remote attackers to obtain sensitive information in the <ut:cache> tag… NVD-CWE-Other
CVE-2004-2452 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
305079 - tutti_nova tutti_nova Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors. NVD-CWE-Other
CVE-2004-2453 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
305080 - amsn amsn aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive information such as hashed passwords from (1) hotlog.htm and (2) config.xml. NVD-CWE-Other
CVE-2004-2454 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm