Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224001 5 警告 vpasp - VP-ASP Shopping Cart におけるパスワードを含むデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5929 2012-12-20 19:10 2009-01-21 Show GitHub Exploit DB Packet Storm
224002 7.5 危険 umerinc - Umer Inc Songs Portal の albums.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5921 2012-12-20 19:10 2009-01-21 Show GitHub Exploit DB Packet Storm
224003 7.5 危険 tigris - WebSVN の utils.inc における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5920 2012-12-20 19:10 2009-01-20 Show GitHub Exploit DB Packet Storm
224004 6.8 警告 tigris - WebSVN の rss.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5919 2012-12-20 19:10 2009-01-20 Show GitHub Exploit DB Packet Storm
224005 4.3 警告 tigris - WebSVN の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5918 2012-12-20 19:10 2009-01-20 Show GitHub Exploit DB Packet Storm
224006 7.5 危険 xrdp - xrdp の rdp/rdp_rdp.c における脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5904 2012-12-20 19:10 2009-01-15 Show GitHub Exploit DB Packet Storm
224007 7.5 危険 xrdp - xrdp の xrdp/funcs.c における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2008-5903 2012-12-20 19:10 2009-01-15 Show GitHub Exploit DB Packet Storm
224008 7.5 危険 xrdp - xrdp の xrdp/xrdp_bitmap.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5902 2012-12-20 19:10 2009-01-15 Show GitHub Exploit DB Packet Storm
224009 5 警告 Tincan - phplist におけるファイルをインクルードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2008-5887 2012-12-20 19:10 2009-01-12 Show GitHub Exploit DB Packet Storm
224010 5 警告 takempis - TAKempis Discussion Web におけるパスワードを含むデータベースファイルをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5886 2012-12-20 19:10 2009-01-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1301 7.8 HIGH
Local 		gimp gimp GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is… CWE-190
 Integer Overflow or Wraparound 		CVE-2026-4154 2026-04-15 04:33 2026-04-11 Show GitHub Exploit DB Packet Storm
1302 7.8 HIGH
Local 		gimp gimp GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User inte… CWE-122
CWE-787
Heap-based Buffer Overflow
 Out-of-bounds Write 		CVE-2026-4153 2026-04-15 04:33 2026-04-11 Show GitHub Exploit DB Packet Storm
1303 7.8 HIGH
Local 		gimp gimp GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is… CWE-190
 Integer Overflow or Wraparound 		CVE-2026-4151 2026-04-15 04:32 2026-04-11 Show GitHub Exploit DB Packet Storm
1304 9.8 CRITICAL
Network 		mrcms mrcms MRCMS 3.1.2 contains an access control vulnerability. The save() method in src/main/java/org/marker/mushroom/controller/UserController.java lacks proper authorization validation, enabling direct addi… CWE-284
Improper Access Control 		CVE-2026-31272 2026-04-15 04:32 2026-04-8 Show GitHub Exploit DB Packet Storm
1305 7.8 HIGH
Local 		gimp gimp GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User inte… CWE-122
CWE-787
Heap-based Buffer Overflow
 Out-of-bounds Write 		CVE-2026-4152 2026-04-15 04:32 2026-04-11 Show GitHub Exploit DB Packet Storm
1306 7.8 HIGH
Local 		gimp gimp GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is… CWE-190
 Integer Overflow or Wraparound 		CVE-2026-4150 2026-04-15 04:32 2026-04-11 Show GitHub Exploit DB Packet Storm
1307 9.8 CRITICAL
Network 		statamcp stata-mcp A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution. CWE-94
Code Injection 		CVE-2026-31040 2026-04-15 04:31 2026-04-9 Show GitHub Exploit DB Packet Storm
1308 7.8 HIGH
Local 		fleetdm fleet Fleet is open source device management software. Prior to 4.81.1, the Orbit agent's FileVault disk encryption key rotation flow on collects a local user's password via a GUI dialog and interpolates i… CWE-78
OS Command  		CVE-2026-27806 2026-04-15 04:31 2026-04-9 Show GitHub Exploit DB Packet Storm
1309 5.7 MEDIUM
Adjacent 		lfprojects mcp_java_sdk MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to 1.0.0, the java-sdk contains a DNS rebinding vulnerability. This vulnerability allows an attacker to acc… CWE-346
 Origin Validation Error 		CVE-2026-35568 2026-04-15 04:31 2026-04-8 Show GitHub Exploit DB Packet Storm
1310 9.1 CRITICAL
Network 		qd-today qd QD 20230821 is vulnerable to Server-side request forgery (SSRF) via a crafted request CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2023-46945 2026-04-15 04:29 2026-04-9 Show GitHub Exploit DB Packet Storm