Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223251 7.2 危険 PulseAudio - PulseAudio における権限を取得される脆弱性 CWE-362
競合状態 		CVE-2009-1894 2012-12-20 19:10 2009-07-17 Show GitHub Exploit DB Packet Storm
223252 7.5 危険 PHPNUKE - Francisco Burzi PHP-Nuke の main/tracking/userLog.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1842 2012-12-20 19:10 2009-06-1 Show GitHub Exploit DB Packet Storm
223253 10 危険 slsknet - Soulseek におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1830 2012-12-20 19:10 2009-05-29 Show GitHub Exploit DB Packet Storm
223254 9.3 危険 sonicspot - Sonic Spot Audioactive Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1815 2012-12-20 19:10 2009-05-29 Show GitHub Exploit DB Packet Storm
223255 7.5 危険 submitterscript - Submitter Script の admin/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1813 2012-12-20 19:10 2009-05-29 Show GitHub Exploit DB Packet Storm
223256 7.5 危険 videoscript - VideoScript.us YouTube Video Script の admin/index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1804 2012-12-20 19:10 2009-05-28 Show GitHub Exploit DB Packet Storm
223257 6.8 警告 sebastian-thiele - ST-Gallery の st_admin/gallery_output.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1799 2012-12-20 19:10 2009-05-28 Show GitHub Exploit DB Packet Storm
223258 4.3 警告 サン・マイクロシステムズ - Sun Java System Portal Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-1796 2012-12-20 19:10 2009-05-22 Show GitHub Exploit DB Packet Storm
223259 9.3 危険 stonetrip - StoneTrip Ston3D StandalonePlayer および WebPlayer の system.openURL 関数における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2009-1792 2012-12-20 19:10 2009-05-29 Show GitHub Exploit DB Packet Storm
223260 7.5 危険 phpdirsubmit - PHP Dir Submit における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-1787 2012-12-20 19:10 2009-05-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1571 7.5 HIGH
Network 		telesquare sdt-cs3b1_firmware Telesquare SKT LTE Router SDT-CS3B1 versión de software 1.2.0 contiene una vulnerabilidad de reinicio remoto no autenticado que permite a los atacantes activar el reinicio del dispositivo sin autenti… CWE-306
Missing Authentication for Critical Function 		CVE-2017-20222 2026-04-15 02:00 2026-03-16 Show GitHub Exploit DB Packet Storm
1572 4.3 MEDIUM
Network 		gitlab gitlab GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to access con… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-2104 2026-04-15 01:57 2026-04-9 Show GitHub Exploit DB Packet Storm
1573 9.8 CRITICAL
Network 		telesquare sdt-cs3b1_firmware Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulatin… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2017-20223 2026-04-15 01:57 2026-03-16 Show GitHub Exploit DB Packet Storm
1574 9.8 CRITICAL
Network 		telesquare sdt-cs3b1_firmware La versión de firmware 1.2.0 del Telesquare SKT LTE Router SDT-CS3B1 contiene una vulnerabilidad de referencia directa a objeto insegura que permite a los atacantes eludir la autorización y acceder a… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2017-20223 2026-04-15 01:57 2026-03-16 Show GitHub Exploit DB Packet Storm
1575 4.3 MEDIUM
Network 		gitlab gitlab GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain circumstances could have allowed an authent… CWE-863
 Incorrect Authorization 		CVE-2026-2619 2026-04-15 01:55 2026-04-9 Show GitHub Exploit DB Packet Storm
1576 9.8 CRITICAL
Network 		telesquare sdt-cs3b1_firmware Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP m… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2017-20224 2026-04-15 01:52 2026-03-16 Show GitHub Exploit DB Packet Storm
1577 9.8 CRITICAL
Network 		telesquare sdt-cs3b1_firmware El router Telesquare SKT LTE SDT-CS3B1 versión 1.2.0 contiene una vulnerabilidad de carga arbitraria de archivos que permite a atacantes no autenticados cargar contenido malicioso explotando métodos … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2017-20224 2026-04-15 01:52 2026-03-16 Show GitHub Exploit DB Packet Storm
1578 8.8 HIGH
Network 		lfprojects mlflow A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the `mlflow/sagemaker/__init__.py` file at lines 161-167. The vulnerability arises from the direct in… CWE-94
Code Injection 		CVE-2025-14287 2026-04-15 01:48 2026-03-16 Show GitHub Exploit DB Packet Storm
1579 8.8 HIGH
Network 		lfprojects mlflow Una vulnerabilidad de inyección de comandos existe en las versiones de mlflow/mlflow anteriores a la v3.7.0, específicamente en el archivo 'mlflow/sagemaker/__init__.py' en las líneas 161-167. La vul… CWE-94
Code Injection 		CVE-2025-14287 2026-04-15 01:48 2026-03-16 Show GitHub Exploit DB Packet Storm
1580 9.8 CRITICAL
Network 		microsoft bing_images Improper neutralization of special elements used in an os command ('os command injection') in Microsoft Bing Images allows an unauthorized attacker to execute code over a network. CWE-78
OS Command  		CVE-2026-32191 2026-04-15 01:35 2026-03-20 Show GitHub Exploit DB Packet Storm