Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224001	5	警告	vpasp	-	VP-ASP Shopping Cart におけるパスワードを含むデータベースをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5929	2012-12-20 19:10	2009-01-21	Show	GitHub Exploit DB Packet Storm

224002	7.5	危険	umerinc	-	Umer Inc Songs Portal の albums.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5921	2012-12-20 19:10	2009-01-21	Show	GitHub Exploit DB Packet Storm

224003	7.5	危険	tigris	-	WebSVN の utils.inc における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2008-5920	2012-12-20 19:10	2009-01-20	Show	GitHub Exploit DB Packet Storm

224004	6.8	警告	tigris	-	WebSVN の rss.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5919	2012-12-20 19:10	2009-01-20	Show	GitHub Exploit DB Packet Storm

224005	4.3	警告	tigris	-	WebSVN の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5918	2012-12-20 19:10	2009-01-20	Show	GitHub Exploit DB Packet Storm

224006	7.5	危険	xrdp	-	xrdp の rdp/rdp_rdp.c における脆弱性	CWE-20 不適切な入力確認	CVE-2008-5904	2012-12-20 19:10	2009-01-15	Show	GitHub Exploit DB Packet Storm

224007	7.5	危険	xrdp	-	xrdp の xrdp/funcs.c における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2008-5903	2012-12-20 19:10	2009-01-15	Show	GitHub Exploit DB Packet Storm

224008	7.5	危険	xrdp	-	xrdp の xrdp/xrdp_bitmap.c におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-5902	2012-12-20 19:10	2009-01-15	Show	GitHub Exploit DB Packet Storm

224009	5	警告	Tincan	-	phplist におけるファイルをインクルードされる脆弱性	CWE-20 不適切な入力確認	CVE-2008-5887	2012-12-20 19:10	2009-01-12	Show	GitHub Exploit DB Packet Storm

224010	5	警告	takempis	-	TAKempis Discussion Web におけるパスワードを含むデータベースファイルをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5886	2012-12-20 19:10	2009-01-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 19, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1411	4.3	MEDIUM Network	gitlab	gitlab	GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-r…	CWE-863 Incorrect Authorization	CVE-2026-1752	2026-04-15 02:02	2026-04-9	Show	GitHub Exploit DB Packet Storm

1412	7.5	HIGH Network	telesquare	sdt-cs3b1_firmware	Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can…	CWE-306 Missing Authentication for Critical Function	CVE-2017-20222	2026-04-15 02:00	2026-03-16	Show	GitHub Exploit DB Packet Storm

1413	7.5	HIGH Network	telesquare	sdt-cs3b1_firmware	Telesquare SKT LTE Router SDT-CS3B1 versión de software 1.2.0 contiene una vulnerabilidad de reinicio remoto no autenticado que permite a los atacantes activar el reinicio del dispositivo sin autenti…	CWE-306 Missing Authentication for Critical Function	CVE-2017-20222	2026-04-15 02:00	2026-03-16	Show	GitHub Exploit DB Packet Storm

1414	4.3	MEDIUM Network	gitlab	gitlab	GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to access con…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-2104	2026-04-15 01:57	2026-04-9	Show	GitHub Exploit DB Packet Storm

1415	9.8	CRITICAL Network	telesquare	sdt-cs3b1_firmware	Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulatin…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2017-20223	2026-04-15 01:57	2026-03-16	Show	GitHub Exploit DB Packet Storm

1416	9.8	CRITICAL Network	telesquare	sdt-cs3b1_firmware	La versión de firmware 1.2.0 del Telesquare SKT LTE Router SDT-CS3B1 contiene una vulnerabilidad de referencia directa a objeto insegura que permite a los atacantes eludir la autorización y acceder a…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2017-20223	2026-04-15 01:57	2026-03-16	Show	GitHub Exploit DB Packet Storm

1417	4.3	MEDIUM Network	gitlab	gitlab	GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain circumstances could have allowed an authent…	CWE-863 Incorrect Authorization	CVE-2026-2619	2026-04-15 01:55	2026-04-9	Show	GitHub Exploit DB Packet Storm

1418	9.8	CRITICAL Network	telesquare	sdt-cs3b1_firmware	Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP m…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2017-20224	2026-04-15 01:52	2026-03-16	Show	GitHub Exploit DB Packet Storm

1419	9.8	CRITICAL Network	telesquare	sdt-cs3b1_firmware	El router Telesquare SKT LTE SDT-CS3B1 versión 1.2.0 contiene una vulnerabilidad de carga arbitraria de archivos que permite a atacantes no autenticados cargar contenido malicioso explotando métodos …	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2017-20224	2026-04-15 01:52	2026-03-16	Show	GitHub Exploit DB Packet Storm

1420	8.8	HIGH Network	lfprojects	mlflow	A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the `mlflow/sagemaker/__init__.py` file at lines 161-167. The vulnerability arises from the direct in…	CWE-94 Code Injection	CVE-2025-14287	2026-04-15 01:48	2026-03-16	Show	GitHub Exploit DB Packet Storm