Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232101	7.5	危険	realm project	-	Realm CMS の _includes/inc_routines.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2679	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

232102	7.5	危険	telephone	-	Telephone Directory 2008 における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2678	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

232103	4.3	警告	telephone	-	Telephone Directory 2008 の edit1.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2677	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

232104	4.3	警告	softcomplex	-	PHP Image Gallery の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2675	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

232105	7.5	危険	Powie	-	Powie pNews の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2673	2012-12-20 18:52	2008-06-12	Show	GitHub Exploit DB Packet Storm

232106	7.5	危険	y-blog	-	yBlog における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2669	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

232107	4.3	警告	y-blog	-	yBlog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2668	2012-12-20 18:52	2008-06-11	Show	GitHub Exploit DB Packet Storm

232108	7.5	危険	smeweb	-	SMEWeb の catalog.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2652	2012-12-20 18:52	2008-06-10	Show	GitHub Exploit DB Packet Storm

232109	4.3	警告	smeweb	-	SMEWeb における任意の Web スクリプトまたは HTML を挿入される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2644	2012-12-20 18:52	2008-06-10	Show	GitHub Exploit DB Packet Storm

232110	7.5	危険	theflashblog	-	FlashBlog の php/leer_comentarios.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2572	2012-12-20 18:52	2008-06-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1181	-		-	-	Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu…	CWE-20 Improper Input Validation	CVE-2026-0415	2026-06-10 23:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

1182	-		-	-	Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu…	CWE-94 Code Injection	CVE-2026-0414	2026-06-10 23:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

1183	7.5	HIGH Network	-	-	image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted ICNS image buffer. Attack…	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2025-71330	2026-06-10 23:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

1184	7.5	HIGH Network	-	-	image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-…	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2025-71329	2026-06-10 23:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

1185	7.5	HIGH Network	-	-	image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-…	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2025-71319	2026-06-10 23:16	2026-06-10	Show	GitHub Exploit DB Packet Storm

1186	6.1	MEDIUM Network	apache	answer	Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Timeline-related APIs lacked proper authorization …	CWE-359 Exposure of Private Personal Information to an Unauthorized Actor	CVE-2026-25699	2026-06-10 22:38	2026-06-9	Show	GitHub Exploit DB Packet Storm

1187	6.5	MEDIUM Network	apache	answer	Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. A crafted TIFF image could trigger excessive memory allocation durin…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-33582	2026-06-10 22:37	2026-06-9	Show	GitHub Exploit DB Packet Storm

1188	6.5	MEDIUM Network	apache	answer	Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The server did not sufficiently validate user-supplied image URLs, a…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-34031	2026-06-10 22:28	2026-06-9	Show	GitHub Exploit DB Packet Storm

1189	6.5	MEDIUM Network	apache	answer	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not enforce access rest…	CWE-200 Information Exposure	CVE-2026-34905	2026-06-10 22:28	2026-06-9	Show	GitHub Exploit DB Packet Storm

1190	6.1	MEDIUM Network	apache	answer	Improper Neutralization of Alternate XSS Syntax vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. AI-generated response content was rendered in the browser without pr…	CWE-87 Improper Neutralization of Alternate XSS Syntax	CVE-2026-25688	2026-06-10 22:12	2026-06-9	Show	GitHub Exploit DB Packet Storm