Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224171	5.1	警告	phpc0d3r	-	txtCMS の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5217	2012-12-20 18:52	2008-11-24	Show	GitHub Exploit DB Packet Storm

224172	7.5	危険	toddwoolums	-	Todd Woolums ASP News Management の viewnews.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5273	2012-12-20 18:52	2008-11-28	Show	GitHub Exploit DB Packet Storm

224173	4	警告	SyndeoCMS	-	Fred Stuurman SyndeoCMS におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5272	2012-12-20 18:52	2008-11-28	Show	GitHub Exploit DB Packet Storm

224174	4.3	警告	SyndeoCMS	-	Fred Stuurman SyndeoCMS の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5271	2012-12-20 18:52	2008-11-28	Show	GitHub Exploit DB Packet Storm

224175	7.5	危険	wareziz	-	Yuhhu Superstar の view.topics.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5270	2012-12-20 18:52	2008-11-28	Show	GitHub Exploit DB Packet Storm

224176	2.6	注意	Ando Saabas	-	Sphider の search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5211	2012-12-20 18:52	2008-11-24	Show	GitHub Exploit DB Packet Storm

224177	9.3	危険	phpblock	-	PhpBlock における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-5210	2012-12-20 18:52	2008-11-24	Show	GitHub Exploit DB Packet Storm

224178	4.3	警告	wellyblog	-	wellyblog の edit.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5205	2012-12-20 18:52	2008-11-21	Show	GitHub Exploit DB Packet Storm

224179	6.8	警告	poweraward	-	PowerAward におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5204	2012-12-20 18:52	2008-11-21	Show	GitHub Exploit DB Packet Storm

224180	4.3	警告	poweraward	-	PowerAward の external_vote.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5203	2012-12-20 18:52	2008-11-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1451	5.7	MEDIUM Adjacent	tp-link	archer_ax53_firmware	An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is pro…	CWE-15 CWE-610 External Control of System or Configuration Setting Externally Controlled Reference to a Resource in Another Sphere	CVE-2026-30817	2026-04-15 01:19	2026-04-9	Show	GitHub Exploit DB Packet Storm

1452	5.7	MEDIUM Adjacent	tp-link	archer_ax53_firmware	An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is p…	CWE-15 CWE-610 External Control of System or Configuration Setting Externally Controlled Reference to a Resource in Another Sphere	CVE-2026-30816	2026-04-15 01:19	2026-04-9	Show	GitHub Exploit DB Packet Storm

1453	8.0	HIGH Adjacent	tp-link	archer_ax53_firmware	An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration fil…	CWE-78 OS Command	CVE-2026-30815	2026-04-15 01:19	2026-04-9	Show	GitHub Exploit DB Packet Storm

1454	8.0	HIGH Adjacent	tp-link	archer_ax53_firmware	A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via …	CWE-121 CWE-787 Stack-based Buffer Overflow Out-of-bounds Write	CVE-2026-30814	2026-04-15 01:19	2026-04-9	Show	GitHub Exploit DB Packet Storm

1455	7.8	HIGH Local	amazon	athena_odbc	Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authenticatio…	CWE-77 Command Injection	CVE-2026-35558	2026-04-15 01:17	2026-04-4	Show	GitHub Exploit DB Packet Storm

1456	7.5	HIGH Network	montala	resourcespace	ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can…	CWE-89 SQL Injection	CVE-2019-25662	2026-04-15 01:16	2026-04-6	Show	GitHub Exploit DB Packet Storm

1457	4.7	MEDIUM Network	-	-	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through < 7.0.00.	CWE-601 Open Redirect	CVE-2026-39484	2026-04-15 01:16	2026-04-8	Show	GitHub Exploit DB Packet Storm

1458	4.3	MEDIUM Network	-	-	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data.This issue affects PageLayer: from …	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2026-39469	2026-04-15 01:16	2026-04-8	Show	GitHub Exploit DB Packet Storm

1459	5.5	MEDIUM Network	-	-	Server-Side Request Forgery (SSRF) vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Server Side Request Forgery.This issue affects Comi…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-39464	2026-04-15 01:16	2026-04-8	Show	GitHub Exploit DB Packet Storm

1460	9.8	CRITICAL Network	simple-git_project	simple-git	`simple-git`, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes (CVE-2022-25860 an…	CWE-78 CWE-178 OS Command Improper Handling of Case Sensitivity	CVE-2026-28292	2026-04-15 01:16	2026-03-11	Show	GitHub Exploit DB Packet Storm