Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223731 7.5 危険 PHPNUKE - PHP-Nuke 用の Sarkilar モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6779 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
223732 7.5 危険 scripts-for-sites - SFS EZ Auction の viewfaqs.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6778 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
223733 7.5 危険 scripts-for-sites - SFS EZ Hot or Not の viewcomments.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6776 2012-12-20 19:10 2009-05-1 Show GitHub Exploit DB Packet Storm
223734 6.8 警告 shopsystem-forum - K&S Shopsoftware の admin/editor/images.php における任意の PHP コードを実行される脆弱性 CWE-Other
その他 		CVE-2008-6768 2012-12-20 19:10 2009-04-29 Show GitHub Exploit DB Packet Storm
223735 10 危険 WordPress.org - WordPress の wp-admin/upgrade.php におけるアプリケーションをアップグレードされる脆弱性 CWE-noinfo
情報不足 		CVE-2008-6767 2012-12-20 19:10 2009-04-28 Show GitHub Exploit DB Packet Storm
223736 5 警告 viart - ViArt Shop の cart_save.php におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2008-6766 2012-12-20 19:10 2009-04-28 Show GitHub Exploit DB Packet Storm
223737 5 警告 viart - ViArt Shop における任意のショッピングカートの中身にアクセスされる脆弱性 CWE-noinfo
情報不足 		CVE-2008-6765 2012-12-20 19:10 2009-04-28 Show GitHub Exploit DB Packet Storm
223738 4.3 警告 WordPress.org - WordPress の wp-admin/upgrade.php におけるオープンリダイレクトの脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-6762 2012-12-20 19:10 2009-04-28 Show GitHub Exploit DB Packet Storm
223739 4.3 警告 viart - ViArt Shop における重要な情報を取得される脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-6760 2012-12-20 19:10 2009-04-28 Show GitHub Exploit DB Packet Storm
223740 4.3 警告 viart - ViArt Shop における重要な情報を取得される脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-6759 2012-12-20 19:10 2009-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 19, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1411 4.3 MEDIUM
Network 		gitlab gitlab GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-r… CWE-863
 Incorrect Authorization 		CVE-2026-1752 2026-04-15 02:02 2026-04-9 Show GitHub Exploit DB Packet Storm
1412 7.5 HIGH
Network 		telesquare sdt-cs3b1_firmware Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can… CWE-306
Missing Authentication for Critical Function 		CVE-2017-20222 2026-04-15 02:00 2026-03-16 Show GitHub Exploit DB Packet Storm
1413 7.5 HIGH
Network 		telesquare sdt-cs3b1_firmware Telesquare SKT LTE Router SDT-CS3B1 versión de software 1.2.0 contiene una vulnerabilidad de reinicio remoto no autenticado que permite a los atacantes activar el reinicio del dispositivo sin autenti… CWE-306
Missing Authentication for Critical Function 		CVE-2017-20222 2026-04-15 02:00 2026-03-16 Show GitHub Exploit DB Packet Storm
1414 4.3 MEDIUM
Network 		gitlab gitlab GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to access con… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-2104 2026-04-15 01:57 2026-04-9 Show GitHub Exploit DB Packet Storm
1415 9.8 CRITICAL
Network 		telesquare sdt-cs3b1_firmware Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulatin… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2017-20223 2026-04-15 01:57 2026-03-16 Show GitHub Exploit DB Packet Storm
1416 9.8 CRITICAL
Network 		telesquare sdt-cs3b1_firmware La versión de firmware 1.2.0 del Telesquare SKT LTE Router SDT-CS3B1 contiene una vulnerabilidad de referencia directa a objeto insegura que permite a los atacantes eludir la autorización y acceder a… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2017-20223 2026-04-15 01:57 2026-03-16 Show GitHub Exploit DB Packet Storm
1417 4.3 MEDIUM
Network 		gitlab gitlab GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain circumstances could have allowed an authent… CWE-863
 Incorrect Authorization 		CVE-2026-2619 2026-04-15 01:55 2026-04-9 Show GitHub Exploit DB Packet Storm
1418 9.8 CRITICAL
Network 		telesquare sdt-cs3b1_firmware Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP m… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2017-20224 2026-04-15 01:52 2026-03-16 Show GitHub Exploit DB Packet Storm
1419 9.8 CRITICAL
Network 		telesquare sdt-cs3b1_firmware El router Telesquare SKT LTE SDT-CS3B1 versión 1.2.0 contiene una vulnerabilidad de carga arbitraria de archivos que permite a atacantes no autenticados cargar contenido malicioso explotando métodos … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2017-20224 2026-04-15 01:52 2026-03-16 Show GitHub Exploit DB Packet Storm
1420 8.8 HIGH
Network 		lfprojects mlflow A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the `mlflow/sagemaker/__init__.py` file at lines 161-167. The vulnerability arises from the direct in… CWE-94
Code Injection 		CVE-2025-14287 2026-04-15 01:48 2026-03-16 Show GitHub Exploit DB Packet Storm