Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
235811	4.4	警告	Linux	-	Linux kernel における vserver のリソースにアクセスされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-0163	2012-09-25 16:59	2008-02-12	Show	GitHub Exploit DB Packet Storm

235812	5	警告	million dollar script	-	Million Dollar Script の index.php における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0156	2012-09-25 16:59	2008-01-8	Show	GitHub Exploit DB Packet Storm

235813	4.3	警告	hughes technologies	-	W3-mSQL のエラーページにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0146	2012-09-25 16:59	2008-01-8	Show	GitHub Exploit DB Packet Storm

235814	7.5	危険	The PHP Group	-	PHP の glob における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0145	2012-09-25 16:59	2008-01-8	Show	GitHub Exploit DB Packet Storm

235815	6.8	警告	loudblog.de	-	Loudblog の loudblog/inc/parse_old.php における任意の PHP コードを実行される脆弱性	CWE-89 SQLインジェクション	CVE-2008-0139	2012-09-25 16:59	2008-01-8	Show	GitHub Exploit DB Packet Storm

235816	4.3	警告	instantsoftwares	-	Instant Softwares Dating Site の login_form.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0131	2012-09-25 16:59	2008-01-8	Show	GitHub Exploit DB Packet Storm

235817	7.5	危険	instantsoftwares	-	Instant Softwares Dating Site の login_form.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0130	2012-09-25 16:59	2008-01-8	Show	GitHub Exploit DB Packet Storm

235818	8.8	危険	マカフィー	-	McAfee E-Business Server の管理インターフェースにおけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2008-0127	2012-09-25 16:59	2008-01-9	Show	GitHub Exploit DB Packet Storm

235819	4.3	警告	Moodle	-	Moodle の install.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0123	2012-09-25 16:59	2008-01-11	Show	GitHub Exploit DB Packet Storm

235820	6.8	警告	myphp forum	-	MyPHP Forum における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0099	2012-09-25 16:59	2008-01-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
261	3.3	LOW Local	-	-	Dell PowerScale OneFS versions 9.5.0.0 through 9.5.1.6, 9.6.0.0 through 9.7.1.13, 9.8.0.0 through 9.10.1.5 and 9.11.0.0 through 9.12.0.1 contains an Insufficient Logging vulnerability. A low privileg… New	CWE-778 Insufficient Logging	CVE-2026-32803	2026-05-9 00:36	2026-05-8	Show	GitHub Exploit DB Packet Storm

262	-		-	-	An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash (BSOD) via a read size that exceeds the buffer size.Refer to the ' … New	CWE-125 Out-of-bounds Read	CVE-2026-3508	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

263	-		-	-	An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and obtain restricted touchpad information or render the touc… New	CWE-782 Exposed IOCTL with Insufficient Access Control	CVE-2026-6737	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

264	-		-	-	PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation (LPE) vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. … New	CWE-22 CWE-269 CWE-284 CWE-732 Path Traversal Improper Privilege Management Improper Access Control Incorrect Permission Assignment for Critical Resource	CVE-2026-8069	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

265	-		-	-	The CloudStack Backup plugin has an improper authorization logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plug… New	CWE-863 Incorrect Authorization	CVE-2025-66170	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

266	-		-	-	The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is e… New	CWE-359 Exposure of Private Personal Information to an Unauthorized Actor	CVE-2025-66171	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

267	-		-	-	The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is e… New	CWE-359 Exposure of Private Personal Information to an Unauthorized Actor	CVE-2025-66172	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

268	8.0	HIGH Network	-	-	Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another user creates a new bucket with the same name, th… New	CWE-459 Incomplete Cleanup	CVE-2025-66467	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

269	6.5	MEDIUM Network	-	-	Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limi… New	CWE-367 CWE-770 Time-of-check Time-of-use (TOCTOU) Race Condition Allocation of Resources Without Limits or Throttling	CVE-2025-69233	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm

270	-		-	-	The optional extension component TinkerpopClientService is missing the Restricted annotation with the Execute Code Required Permission in Apache NiFi 2.0.0-M1 through 2.8.0. The TinkerpopClientServic… New	CWE-862 Missing Authorization	CVE-2026-39816	2026-05-9 00:34	2026-05-8	Show	GitHub Exploit DB Packet Storm