Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223621 5 警告 unica - Unica Affinium Campaign のリスナーサーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-7094 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
223622 6.8 警告 unica - Unica Affinium Campaign におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-7093 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
223623 4.3 警告 unica - Unica Affinium Campaign におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-7092 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
223624 7.5 危険 Pligg - Pligg における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7091 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
223625 7.8 危険 Pligg - Pligg におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-7090 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
223626 4.3 警告 Pligg - Pligg におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-7089 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
223627 7.5 危険 thehockeystop - TheHockeyStop HockeySTATS Online における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7085 2012-12-20 19:10 2009-08-26 Show GitHub Exploit DB Packet Storm
223628 7.5 危険 revou - ReVou Micro Blogging Twitter クローンにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7083 2012-12-20 19:10 2009-08-25 Show GitHub Exploit DB Packet Storm
223629 4.3 警告 Simple Machines
phpraider		 - Simple Machines phpRaider の不特定のコンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-7035 2012-12-20 19:10 2009-08-24 Show GitHub Exploit DB Packet Storm
223630 7.5 危険 tigran abrahamyan - PHPEcho CMS の kernel/smarty/Smarty.class.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-7034 2012-12-20 19:10 2009-08-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
591 7.5 HIGH
Network 		- - MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files. CWE-93
CRLF Injection 		CVE-2026-6351 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
592 8.8 HIGH
Network 		- - In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, i… CWE-1242
 Inclusion of Undocumented Features or Chicken Bits 		CVE-2023-3634 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
593 4.3 MEDIUM
Network 		- - In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to an specific endpoint. CWE-203
 Information Exposure Through Discrepancy 		CVE-2023-5872 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
594 6.0 MEDIUM
Network 		- - Due to improper input validation in one of the Eaton Intelligent Power Protector (IPP) XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious cod… CWE-20
 Improper Input Validation  		CVE-2026-22615 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
595 6.5 MEDIUM
Network 		- - Eaton Intelligent Power Protector (IPP) software allows repeated authentication attempts against the web interface login page due to insufficient rate‑limiting controls. This security issue has been … CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2026-22616 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
596 6.3 MEDIUM
Network 		- - UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product t… CWE-941
 Incorrectly Specified Destination in a Communication Channel 		CVE-2026-40118 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
597 5.7 MEDIUM
Network 		- - Eaton Intelligent Power Protector (IPP) uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. Th… CWE-614
 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute 		CVE-2026-22617 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
598 5.9 MEDIUM
Network 		- - A security misconfiguration was identified in Eaton Intelligent Power Protector (IPP), where an HTTP response header was set with an insecure attribute, potentially exposing users to web‑based attack… CWE-358
 Improperly Implemented Security Check for Standard 		CVE-2026-22618 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
599 7.8 HIGH
Local 		- - Eaton Intelligent Power Protector (IPP) is affected by insecure library loading in its executable, which could lead to arbitrary code execution by an attacker with access to the software package. Thi… CWE-427
 Uncontrolled Search Path Element 		CVE-2026-22619 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
600 6.5 MEDIUM
Network 		- - LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs, potentially causing the iOS devic… CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-3861 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm