Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239221 9.3 危険 lightblog - LightBlog の cp_upload_image.php における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0632 2012-09-25 16:59 2008-02-6 Show GitHub Exploit DB Packet Storm
239222 6.8 警告 MPlayer project - MPlayer および SVN の url.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0630 2012-09-25 16:59 2008-02-6 Show GitHub Exploit DB Packet Storm
239223 4.3 警告 MPlayer project - MPlayer および SVN の stream_cddb.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0629 2012-09-25 16:59 2008-02-6 Show GitHub Exploit DB Packet Storm
239224 9.3 危険 Nero - Nero Media Player の NeroMediaPlayer.exe におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0619 2012-09-25 16:59 2008-02-6 Show GitHub Exploit DB Packet Storm
239225 7.5 危険 photokorn - Photokorn Gallery の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0614 2012-09-25 16:59 2008-02-6 Show GitHub Exploit DB Packet Storm
239226 5 警告 Ipswitch, Inc. - IPSwitch WS_FTP の ftplogsrv.exe におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2008-0608 2012-09-25 16:59 2008-02-6 Show GitHub Exploit DB Packet Storm
239227 7.5 危険 sigsiu.net
Mambo Foundation
Joomla!		 - Joomla! および Mambo 用の Sigsiu Online Business Index 2 における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0607 2012-09-25 16:59 2008-02-6 Show GitHub Exploit DB Packet Storm
239228 7.5 危険 Mambo Foundation
Joomla!		 - Mambo および Joomla! 用の Shambo2 コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0606 2012-09-25 16:59 2008-02-6 Show GitHub Exploit DB Packet Storm
239229 9 危険 Ipswitch, Inc. - SSH を持つ Ipswitch WS_FTP Server におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0590 2012-09-25 16:59 2008-02-5 Show GitHub Exploit DB Packet Storm
239230 7.2 危険 geert moernaut - Geert Moernaut LSrunasE における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0581 2012-09-25 16:59 2008-02-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2971 8.8 HIGH
Network 		- - A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipul… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-9628 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2972 6.3 MEDIUM
Network 		- - A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /parcel_list.php. Performing a manipulation of the argument s results … CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-9607 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2973 4.3 MEDIUM
Network 		- - A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. E… CWE-200
CWE-209
Information Exposure
Information Exposure Through an Error Message 		CVE-2026-9583 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2974 7.3 HIGH
Network 		- - A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM up to 56ba287f2e9031523ccb4244cb6e3fe530e4e5d5. The affected element is an unknown function of the component Dashboard. Such mani… CWE-266
CWE-284
 Incorrect Privilege Assignment
Improper Access Control 		CVE-2026-9562 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2975 6.3 MEDIUM
Network 		- - A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argu… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-9511 2026-05-29 01:16 2026-05-26 Show GitHub Exploit DB Packet Storm
2976 4.8 MEDIUM
Network 		- - Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The random_bytes function fell back to using the built-in rand() function when… CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2026-8647 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2977 7.5 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for… CWE-862
 Missing Authorization 		CVE-2026-48151 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2978 8.1 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/… CWE-79
Cross-site Scripting 		CVE-2026-48149 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2979 7.7 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetch(config.url) with no SSRF protection.… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-48146 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2980 5.3 MEDIUM
Network 		- - Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted… CWE-93
CRLF Injection 		CVE-2026-46740 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm