Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
235111	8.5	危険	mywebcards	-	WebCards の "Add Image Macro" 機能における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-4878	2012-09-25 17:17	2008-11-1	Show	GitHub Exploit DB Packet Storm

235112	6.8	警告	mywebcards	-	WebCards の admin.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4877	2012-09-25 17:17	2008-11-1	Show	GitHub Exploit DB Packet Storm

235113	4.3	警告	Koninklijke Philips N.V.	-	Philips Electronics VOIP841 DECT Phone の Web サーバコンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4876	2012-09-25 17:17	2008-11-1	Show	GitHub Exploit DB Packet Storm

235114	6.8	警告	Koninklijke Philips N.V.	-	Philips Electronics VOIP841 DECT Phone の Web サーバにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-4875	2012-09-25 17:17	2008-11-1	Show	GitHub Exploit DB Packet Storm

235115	5	警告	Koninklijke Philips N.V.	-	Philips Electronics VOIP841 DECT Phone の Web コンポーネントにおけるアクセス権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2008-4874	2012-09-25 17:17	2008-11-1	Show	GitHub Exploit DB Packet Storm

235116	4.3	警告	ITechScripts	-	iTechBids の bidhistory.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4872	2012-09-25 17:17	2008-10-31	Show	GitHub Exploit DB Packet Storm

235117	4.3	警告	my little homepage	-	my little forum におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4871	2012-09-25 17:17	2008-10-31	Show	GitHub Exploit DB Packet Storm

235118	10	危険	IBM	-	IBM Lotus Connections の Profiles 検索ページにおける脆弱性	CWE-noinfo 情報不足	CVE-2008-4809	2012-09-25 17:17	2008-10-31	Show	GitHub Exploit DB Packet Storm

235119	5	警告	IBM	-	IBM Lotus Connections におけるパスワードを発見される脆弱性	CWE-200 情報漏えい	CVE-2008-4808	2012-09-25 17:17	2008-10-31	Show	GitHub Exploit DB Packet Storm

235120	2.1	注意	IBM	-	IBM Lotus Connections における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2008-4807	2012-09-25 17:17	2008-10-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1281	7.2	HIGH Network	-	-	OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality (modules/aggiornamenti/upload_modules.php)	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-38751	2026-05-8 00:53	2026-05-5	Show	GitHub Exploit DB Packet Storm

1282	8.1	HIGH Network	-	-	IKUS Rdiffweb before 2.10.5 has an improper authorization flaw that allows an attacker with any valid or stolen access token to act as other users. The API does not enforce binding between the authen…	CWE-284 Improper Access Control	CVE-2025-67796	2026-05-8 00:53	2026-05-5	Show	GitHub Exploit DB Packet Storm

1283	5.9	MEDIUM Network	-	-	eLabFTW is an open source electronic lab notebook. In elabftw versions through 5.4.1, the login flow did not reliably preserve the multi-factor authentication state across authentication steps. Under…	CWE-302 Authentication Bypass by Assumed-Immutable Data	CVE-2026-28510	2026-05-8 00:53	2026-05-5	Show	GitHub Exploit DB Packet Storm

1284	7.7	HIGH Local	-	-	The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3.4.14B) does not perform any access control checks on the write_mem (ioctl 0x89F5) and read_mem (ioct…	CWE-200 CWE-782 CWE-787 Information Exposure Exposed IOCTL with Insufficient Access Control Out-of-bounds Write	CVE-2026-36355	2026-05-8 00:53	2026-05-5	Show	GitHub Exploit DB Packet Storm

1285	9.1	CRITICAL Network	-	-	The GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1) allows unauthenticated OS command injection via the /action/SetRemoteAccessCfg endpoint.	CWE-78 CWE-306 OS Command Missing Authentication for Critical Function	CVE-2026-36356	2026-05-8 00:53	2026-05-5	Show	GitHub Exploit DB Packet Storm

1286	4.7	MEDIUM Network	-	-	ISPConfig 3.3.0 is vulnerable to Cross Site Scripting (XSS) via the system status webpage.	CWE-79 Cross-site Scripting	CVE-2025-52206	2026-05-8 00:53	2026-05-6	Show	GitHub Exploit DB Packet Storm

1287	5.3	MEDIUM Network	-	-	An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthen…	CWE-696 Incorrect Behavior Order	CVE-2026-43002	2026-05-8 00:53	2026-05-6	Show	GitHub Exploit DB Packet Storm

1288	7.7	HIGH Network	-	-	An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-…	CWE-669 Incorrect Resource Transfer Between Spheres	CVE-2026-42997	2026-05-8 00:53	2026-05-6	Show	GitHub Exploit DB Packet Storm

1289	7.5	HIGH Network	-	-	Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14.	CWE-284 Improper Access Control	CVE-2024-52911	2026-05-8 00:53	2026-05-6	Show	GitHub Exploit DB Packet Storm

1290	8.1	HIGH Network	-	-	In ProFTPD through 1.3.9a before 7666224, a SQL injection vulnerability in sqltab_fetch_clients_cb() in contrib/mod_wrap2_sql.c allows a remote attacker to inject arbitrary SQL commands via a crafted…	CWE-89 SQL Injection	CVE-2026-44331	2026-05-8 00:53	2026-05-6	Show	GitHub Exploit DB Packet Storm