Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
223731	7.5	危険	PHPNUKE	-	PHP-Nuke 用の Sarkilar モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6779	2012-12-20 19:10	2009-05-1	Show	GitHub Exploit DB Packet Storm

223732	7.5	危険	scripts-for-sites	-	SFS EZ Auction の viewfaqs.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6778	2012-12-20 19:10	2009-05-1	Show	GitHub Exploit DB Packet Storm

223733	7.5	危険	scripts-for-sites	-	SFS EZ Hot or Not の viewcomments.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6776	2012-12-20 19:10	2009-05-1	Show	GitHub Exploit DB Packet Storm

223734	6.8	警告	shopsystem-forum	-	K&S Shopsoftware の admin/editor/images.php における任意の PHP コードを実行される脆弱性	CWE-Other その他	CVE-2008-6768	2012-12-20 19:10	2009-04-29	Show	GitHub Exploit DB Packet Storm

223735	10	危険	WordPress.org	-	WordPress の wp-admin/upgrade.php におけるアプリケーションをアップグレードされる脆弱性	CWE-noinfo 情報不足	CVE-2008-6767	2012-12-20 19:10	2009-04-28	Show	GitHub Exploit DB Packet Storm

223736	5	警告	viart	-	ViArt Shop の cart_save.php におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2008-6766	2012-12-20 19:10	2009-04-28	Show	GitHub Exploit DB Packet Storm

223737	5	警告	viart	-	ViArt Shop における任意のショッピングカートの中身にアクセスされる脆弱性	CWE-noinfo 情報不足	CVE-2008-6765	2012-12-20 19:10	2009-04-28	Show	GitHub Exploit DB Packet Storm

223738	4.3	警告	WordPress.org	-	WordPress の wp-admin/upgrade.php におけるオープンリダイレクトの脆弱性	CWE-59 リンク解釈の問題	CVE-2008-6762	2012-12-20 19:10	2009-04-28	Show	GitHub Exploit DB Packet Storm

223739	4.3	警告	viart	-	ViArt Shop における重要な情報を取得される脆弱性	CWE-59 リンク解釈の問題	CVE-2008-6760	2012-12-20 19:10	2009-04-28	Show	GitHub Exploit DB Packet Storm

223740	4.3	警告	viart	-	ViArt Shop における重要な情報を取得される脆弱性	CWE-59 リンク解釈の問題	CVE-2008-6759	2012-12-20 19:10	2009-04-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1551	7.8	HIGH Local	google	web_designer	Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google Web Designer.	CWE-22 Path Traversal	CVE-2026-3223	2026-04-14 09:33	2026-02-27	Show	GitHub Exploit DB Packet Storm

1552	7.8	HIGH Local	google	web_designer	Escritura arbitraria de archivos y potencial escalada de privilegios explotando la vulnerabilidad zip slip en Google Web Designer.	CWE-22 Path Traversal	CVE-2026-3223	2026-04-14 09:33	2026-02-27	Show	GitHub Exploit DB Packet Storm

1553	9.8	CRITICAL Network	nestjs	nest	A NestJS application using @nestjs/platform-fastify can allow bypass of authentication/authorization middleware when Fastify path-normalization options are enabled. This issue affects nest.Js: 11.…	CWE-863 Incorrect Authorization	CVE-2026-2293	2026-04-14 09:30	2026-02-28	Show	GitHub Exploit DB Packet Storm

1554	9.8	CRITICAL Network	nestjs	nest	Una aplicación NestJS que utiliza @nestjs/platform-fastify puede permitir la omisión del middleware de autenticación/autorización cuando las opciones de normalización de rutas de Fastify están habili…	CWE-863 Incorrect Authorization	CVE-2026-2293	2026-04-14 09:30	2026-02-28	Show	GitHub Exploit DB Packet Storm

1555	9.8	CRITICAL Network	-	-	Hyland OnBase contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service (Hyland.Core.Workflow.NTService.exe). An attacker who can reach the service can send crafted .NET…	CWE-502 Deserialization of Untrusted Data	CVE-2026-26221	2026-04-14 09:16	2026-02-14	Show	GitHub Exploit DB Packet Storm

1556	9.8	CRITICAL Network	-	-	Hyland OnBase contiene una exposición de .NET Remoting sin autenticación en el Servicio de Temporizador de Flujo de Trabajo de OnBase (Hyland.Core.Workflow.NTService.exe). Un atacante que puede alcan…	CWE-502 Deserialization of Untrusted Data	CVE-2026-26221	2026-04-14 09:16	2026-02-14	Show	GitHub Exploit DB Packet Storm

1557	6.1	MEDIUM Network	-	-	The User Registration & Membership plugin for WordPress is vulnerable to Open Redirect in versions up to and including 5.1.4. This is due to insufficient validation of user-supplied URLs passed via t…	CWE-601 Open Redirect	CVE-2026-6203	2026-04-14 08:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

1558	6.5	MEDIUM Local	-	-	Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mit…	CWE-250 Execution with Unnecessary Privileges	CVE-2025-0921	2026-04-14 08:16	2025-05-16	Show	GitHub Exploit DB Packet Storm

1559	6.5	MEDIUM Local	-	-	La vulnerabilidad de ejecución con privilegios innecesarios en el agente Pager de la función de notificación multiagente de Mitsubishi Electric Iconics Digital Solutions GENESIS64 anterior a la versi…	CWE-250 Execution with Unnecessary Privileges	CVE-2025-0921	2026-04-14 08:16	2025-05-16	Show	GitHub Exploit DB Packet Storm

1560	5.9	MEDIUM Network	-	-	Missing Authentication for Critical Function vulnerability in the mobile monitoring feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.…	CWE-306 Missing Authentication for Critical Function	CVE-2024-1573	2026-04-14 08:16	2024-07-4	Show	GitHub Exploit DB Packet Storm