Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232311	5	警告	zekewalker	-	World of Phaos の showSource.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-1755	2012-12-20 18:52	2008-04-11	Show	GitHub Exploit DB Packet Storm

232312	1.7	注意	シマンテック	-	Symantec Altiris Deployment Solution における重要な情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2008-1754	2012-12-20 18:52	2008-04-10	Show	GitHub Exploit DB Packet Storm

232313	2.1	注意	Beijing Rising International Software	-	Rising Antivirus 2008 におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-1738	2012-12-20 18:52	2008-04-29	Show	GitHub Exploit DB Packet Storm

232314	6.9	警告	ソフォス	-	Sophos Anti-Virus におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-1737	2012-12-20 18:52	2008-04-29	Show	GitHub Exploit DB Packet Storm

232315	7.5	危険	pragmaticutopia	-	Joomla! 用の com_puarcade コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1733	2012-12-20 18:52	2008-04-11	Show	GitHub Exploit DB Packet Storm

232316	7.5	危険	predictionfootball	-	Prediction Football の showpredictionsformatch.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1732	2012-12-20 18:52	2008-04-11	Show	GitHub Exploit DB Packet Storm

232317	9.3	危険	tumbleweed	-	Tumbleweed SecureTransport Server の vcst_en.dll におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1724	2012-12-20 18:52	2008-04-11	Show	GitHub Exploit DB Packet Storm

232318	7.5	危険	Samba Project	-	rsync におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1720	2012-12-20 18:52	2008-04-8	Show	GitHub Exploit DB Packet Storm

232319	6.8	警告	tru-zone	-	Nuke ET におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-1719	2012-12-20 18:52	2008-04-10	Show	GitHub Exploit DB Packet Storm

232320	5	警告	woltlab	-	WoltLab Burning Board の WCF におけるフルパスを取得される脆弱性	CWE-200 情報漏えい	CVE-2008-1717	2012-12-20 18:52	2008-04-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1071	-		-	-	Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inet_tls_dist:check_ip/… New	CWE-863 CWE-1025 Incorrect Authorization Comparison Using Wrong Factors	CVE-2026-48860	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1072	-		-	-	Observable Timing Discrepancy vulnerability in Erlang/OTP ssh (ssh_auth, ssh_options modules) allows unauthenticated remote username enumeration via timing side-channel in password authentication. W… New	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-48859	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1073	4.3	MEDIUM Network	google	chrome	Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. (Chromium security severity: High) Update	CWE-457 Use of Uninitialized Variable	CVE-2026-11668	2026-06-11 01:17	2026-06-9	Show	GitHub Exploit DB Packet Storm

1074	-		-	-	Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_response module) allows Retrieve Embedded Sensitive Data. The httpc client forwards the Authorization and Proxy-Authorization request… New	CWE-601 Open Redirect	CVE-2026-48856	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1075	-		-	-	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery. The SSH_FXP_READLINK handler in ssh_sftpd sends the raw result of… New	CWE-200 Information Exposure	CVE-2026-48855	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1076	-		-	-	Crawlee is a web scraping and browser automation library. From version 1.0.0 to before version 1.7.0, Crawlee is vulnerable to SSRF via sitemap-derived URLs. This issue has been patched in version 1.… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-46497	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1077	8.1	HIGH Network	-	-	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, EscapedString (app/modules/roxywi/class_models.py:16-30) is the centralised Pydan… New	CWE-20 CWE-22 CWE-117 Improper Input Validation Path Traversal Improper Output Neutralization for Logs	CVE-2026-45565	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1078	8.8	HIGH Network	-	-	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /config/versions/<service>/<server_ip>/<configver>/save interpolates the URL… New	CWE-78 OS Command	CVE-2026-45564	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1079	4.3	MEDIUM Network	-	-	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, GET /history/<service>/<server_ip> re-uses the server_ip path parameter as a user… New	CWE-639 CWE-863 Authorization Bypass Through User-Controlled Key Incorrect Authorization	CVE-2026-45563	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm

1080	4.9	MEDIUM Network	-	-	Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, get_ldap_email (app/modules/roxywi/user.py:120-157) builds the LDAP search filter… New	CWE-90 LDAP Injection	CVE-2026-45559	2026-06-11 01:17	2026-06-11	Show	GitHub Exploit DB Packet Storm