Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229851	7.5	危険	phpweather	-	PHP Weather の test.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5771	2012-12-20 19:10	2008-12-30	Show	GitHub Exploit DB Packet Storm

229852	4.3	警告	phpweather	-	PHP Weather の config/make_config.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5770	2012-12-20 19:10	2008-12-30	Show	GitHub Exploit DB Packet Storm

229853	7.5	危険	sirium	-	XOOPS 用の AM Events モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5768	2012-12-20 19:10	2008-12-30	Show	GitHub Exploit DB Packet Storm

229854	6.8	警告	phparanoid	-	PHParanoid におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-5758	2012-12-20 19:10	2008-12-30	Show	GitHub Exploit DB Packet Storm

229855	3.5	注意	Textpattern	-	Textpattern の textarea/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-5757	2012-12-20 19:10	2008-12-30	Show	GitHub Exploit DB Packet Storm

229856	4.3	警告	WordPress.org	-	WordPress 用の Page Flip Image Gallery プラグインにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5752	2012-12-20 19:10	2008-12-30	Show	GitHub Exploit DB Packet Storm

229857	7.5	危険	Pligg	-	Pligg CMS の evb/check_url.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5739	2012-12-20 19:10	2008-12-26	Show	GitHub Exploit DB Packet Storm

229858	7.5	危険	PHP-Fusion	-	PHP-Fusion 用の Team Impact TI Blog System モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5733	2012-12-20 19:10	2008-12-26	Show	GitHub Exploit DB Packet Storm

229859	7.5	危険	stormboards aaronnemisis	-	stormBoards の thread.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5726	2012-12-20 19:10	2008-12-26	Show	GitHub Exploit DB Packet Storm

229860	10	危険	sawstudio	-	SAWStudio におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-5722	2012-12-20 19:10	2008-12-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
161	5.5	MEDIUM Local	-	-	A divide-by-zero vulnerability in the ext4_block_set_lb_size function in src/ext4_blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 fi… New	CWE-369 Divide By Zero	CVE-2025-70100	2026-06-5 00:48	2026-06-3	Show	GitHub Exploit DB Packet Storm

162	6.5	MEDIUM Network	-	-	An out-of-bounds read in the ext4_ext_binsearch_idx function in src/ext4_extent.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by supplying a specially crafted ext4 files… New	CWE-125 Out-of-bounds Read	CVE-2025-70101	2026-06-5 00:48	2026-06-3	Show	GitHub Exploit DB Packet Storm

163	-		-	-	Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations. New	CWE-259 Use of Hard-coded Password	CVE-2026-22054	2026-06-5 00:48	2026-06-4	Show	GitHub Exploit DB Packet Storm

164	-		-	-	Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations. New	CWE-259 Use of Hard-coded Password	CVE-2026-22055	2026-06-5 00:48	2026-06-4	Show	GitHub Exploit DB Packet Storm

165	-		-	-	In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receivi… New	CWE-862 Missing Authorization	CVE-2026-4881	2026-06-5 00:48	2026-06-4	Show	GitHub Exploit DB Packet Storm

166	7.5	HIGH Network	-	-	React Router is a router for React. In versions 7.0.0 through 7.14.x of react-router and versions 2.10.0 through 2.17.4 of @remix-run/server-runtime, certain crafted requests can consume disproportio… New	CWE-400 Uncontrolled Resource Consumption	CVE-2026-42342	2026-06-5 00:43	2026-06-3	Show	GitHub Exploit DB Packet Storm

167	-		-	-	Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-tesla tesla allows a denial of service via decompression bomb in HTTP response bodies. When Tesla.Middleware.… New	CWE-409 Improper Handling of Highly Compressed Data (Data Amplification)	CVE-2026-48594	2026-06-5 00:42	2026-06-3	Show	GitHub Exploit DB Packet Storm

168	-		-	-	Improper Handling of Case Sensitivity vulnerability in elixir-tesla tesla allows credential leakage to a third-party origin on cross-origin redirects. Tesla.Middleware.FollowRedirects strips securit… New	CWE-178 Improper Handling of Case Sensitivity	CVE-2026-48595	2026-06-5 00:42	2026-06-3	Show	GitHub Exploit DB Packet Storm

169	-		-	-	Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in elixir-tesla tesla allows HTTP header injection via Tesla.Multipart.add_content_type_par… New	CWE-113 HTTP Response Splitting	CVE-2026-48596	2026-06-5 00:42	2026-06-3	Show	GitHub Exploit DB Packet Storm

170	-		-	-	Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.open_conn/2 conv… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-48597	2026-06-5 00:42	2026-06-3	Show	GitHub Exploit DB Packet Storm