Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
222131	4.3	警告	tcwonline	-	TCW PHP Album の photos/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2715	2012-12-20 19:29	2010-07-13	Show	GitHub Exploit DB Packet Storm

222132	7.5	危険	tcwonline	-	TCW PHP Album の photos/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2714	2012-12-20 19:29	2010-07-13	Show	GitHub Exploit DB Packet Storm

222133	3.5	注意	sijio	-	Sijio Community Software におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2698	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222134	3.5	注意	sijio	-	Sijio Community Software の gallery/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2697	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222135	7.5	危険	sijio	-	Sijio Community Software の gallery/index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2696	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222136	6.5	警告	xlightftpd	-	Xlight FTP Server の SFTP/SSH2 仮想サーバにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-2695	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222137	7.5	危険	redcomponent	-	Joomla! 用の redSHOP コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2694	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222138	7.5	危険	site2nite	-	Site2Nite Boat Classifieds の detail.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2688	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222139	7.5	危険	site2nite	-	Site2Nite Boat Classifieds の printdetail.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2687	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

222140	7.5	危険	topmanage	-	SAP 用の TopManage OLK モジュール内における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2686	2012-12-20 19:29	2010-07-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
231	9.8	CRITICAL Network	-	-	SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.	CWE-122 Heap-based Buffer Overflow	CVE-2026-32956	2026-04-20 13:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

232	8.8	HIGH Network	-	-	SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.	CWE-121 Stack-based Buffer Overflow	CVE-2026-32955	2026-04-20 13:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

233	2.7	LOW Network	-	-	A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of the file src/backend/base/langflow/api/utils/core.py of the component Flo…	CWE-255 CWE-256 Credentials Management Plaintext Storage of a Password	CVE-2026-6597	2026-04-20 12:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

234	7.3	HIGH Network	-	-	A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of the component …	CWE-284 CWE-434 Improper Access Control Unrestricted Upload of File with Dangerous Type	CVE-2026-6596	2026-04-20 12:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

235	7.3	HIGH Network	-	-	A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of t…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-6595	2026-04-20 12:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

236	7.3	HIGH Network	-	-	A vulnerability was determined in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the argument __proto__/constructor.prototype/prototype can lead to improperly co…	CWE-94 CWE-1321 Code Injection Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-6594	2026-04-20 11:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

237	3.5	LOW Network	-	-	A vulnerability was found in ComfyUI up to 0.13.0. Affected by this issue is some unknown functionality of the file server.py of the component View Endpoint. Performing a manipulation results in cros…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-6593	2026-04-20 11:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

238	3.5	LOW Network	-	-	A vulnerability has been found in ComfyUI up to 0.13.0. Affected by this vulnerability is the function getuserdata of the file app/user_manager.py of the component userdata Endpoint. Such manipulatio…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-6592	2026-04-20 11:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

239	4.3	MEDIUM Network	-	-	A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage Node. This manipulation of the argum…	CWE-22 Path Traversal	CVE-2026-6591	2026-04-20 10:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

240	4.3	MEDIUM Network	-	-	A vulnerability was detected in ComfyUI up to 0.13.0. This impacts the function get_model_preview of the file app/model_manager.py of the component Model Preview Endpoint. The manipulation results in…	CWE-22 Path Traversal	CVE-2026-6590	2026-04-20 10:16	2026-04-20	Show	GitHub Exploit DB Packet Storm