Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223841 7.5 危険 phpkf - phpKF の forum_duzen.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6443 2012-12-20 19:10 2009-03-9 Show GitHub Exploit DB Packet Storm
223842 5.8 警告 sina - Sina Inc. DLoader Class ActiveX コントロールにおける任意のファイルを上書きされる脆弱性 CWE-Other
その他 		CVE-2008-6442 2012-12-20 19:10 2009-03-9 Show GitHub Exploit DB Packet Storm
223843 4.3 警告 phpsqlitecms - phpSQLiteCMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6435 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
223844 7.5 危険 psychostats - PsychoStats における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6422 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
223845 7.5 危険 socialsitegenerator - Social Site Generator の social_game_play.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-6421 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
223846 5 警告 socialsitegenerator - Social Site Generator における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2008-6420 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
223847 7.5 危険 socialsitegenerator - Social Site Generator における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6419 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
223848 7.5 危険 torrenttrader - TorrentTrader の scrape.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6418 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
223849 10 危険 Youngzsoft - YoungZSoft CCProxy におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-6415 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
223850 7.5 危険 vignette - Vignette Content Management における管理者権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2008-6412 2012-12-20 19:10 2009-03-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 17, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1451 6.5 MEDIUM
Network 		linkwhisper link_whisper The Link Whisper Free WordPress plugin before 0.9.1 has a publicly accessible REST endpoint that allows unauthenticated settings updates. New CWE-306
Missing Authentication for Critical Function 		CVE-2026-1900 2026-04-14 04:52 2026-04-7 Show GitHub Exploit DB Packet Storm
1452 6.3 MEDIUM
Adjacent 		openclaw openclaw OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can e… New CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2026-35659 2026-04-14 04:21 2026-04-11 Show GitHub Exploit DB Packet Storm
1453 8.8 HIGH
Network 		- - A vulnerability was determined in Tenda F456 1.0.0.5. The affected element is the function formwebtypelibrary of the file /goform/webtypelibrary. This manipulation of the argument menufacturer/Go cau… New CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-6200 2026-04-14 04:16 2026-04-14 Show GitHub Exploit DB Packet Storm
1454 8.8 HIGH
Network 		- - A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page results in stack-based buffer overflow. … New CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-6199 2026-04-14 04:16 2026-04-14 Show GitHub Exploit DB Packet Storm
1455 8.8 HIGH
Network 		- - A vulnerability has been found in Tenda F456 1.0.0.5. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-b… New CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-6198 2026-04-14 04:16 2026-04-14 Show GitHub Exploit DB Packet Storm
1456 7.2 HIGH
Network 		- - Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication. New CWE-176
 Improper Handling of Unicode Encoding 		CVE-2026-4116 2026-04-14 04:16 2026-04-10 Show GitHub Exploit DB Packet Storm
1457 7.2 HIGH
Network 		- - An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials. New CWE-204
 Response Discrepancy Information Exposure 		CVE-2026-4113 2026-04-14 04:16 2026-04-10 Show GitHub Exploit DB Packet Storm
1458 9.8 CRITICAL
Network 		- - Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write P… New CWE-502
 Deserialization of Untrusted Data 		CVE-2026-40044 2026-04-14 04:16 2026-04-14 Show GitHub Exploit DB Packet Storm
1459 9.8 CRITICAL
Network 		- - Pachno 1.0.6 contains an XML external entity injection vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting unsafe XML parsing in the TextParser helper. Attackers… New CWE-403
 Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') 		CVE-2026-40042 2026-04-14 04:16 2026-04-14 Show GitHub Exploit DB Packet Storm
1460 4.3 MEDIUM
Network 		- - Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-chang… New CWE-352
 Origin Validation Error 		CVE-2026-40041 2026-04-14 04:16 2026-04-14 Show GitHub Exploit DB Packet Storm