Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
239581 9.3 危険 friendly technologies - Friendly Technologies FriendlyPPPoE Client における任意のファイルを読まれる脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4050 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239582 6.8 警告 friendly technologies - Friendly Technologies FriendlyPPPoE Client の fwRemoteCfg.dll における任意のプログラムを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4049 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239583 6.8 警告 friendly technologies - Friendly Technologies FriendlyPPPoE Client の fwRemoteCfg.dll におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-4048 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239584 7.5 危険 elitecms - eliteCMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4046 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239585 4.3 警告 @mail - @Mail におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4045 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239586 7.5 危険 aj square - AJ Square aj-hyip の article/readarticle.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4044 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239587 7.5 危険 aj square - AJ Square AJ HYIP Acme における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-4043 2012-06-26 16:02 2008-09-11 Show GitHub Exploit DB Packet Storm
239588 9.3 危険 gmanedit2 - gmanedit の open_man_file 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-3971 2012-06-26 16:02 2008-09-10 Show GitHub Exploit DB Packet Storm
239589 7.5 危険 bitlbee - BitlBee における既存のアカウントを "上書き" される脆弱性 CWE-264
CWE-399
CVE-2008-3969 2012-06-26 16:02 2008-09-10 Show GitHub Exploit DB Packet Storm
239590 7.5 危険 AlstraSoft - AlstraSoft Forum Pay Per Post Exchange の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3954 2012-06-26 16:02 2008-09-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
961 3.3 LOW
Local 		- - A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8 filename bytes when using target-directory forms (e.g., ln SOURCE... DIRECTORY). Whi… New CWE-176
 Improper Handling of Unicode Encoding 		CVE-2026-35373 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
962 6.3 MEDIUM
Local 		- - A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the split utility of uutils coreutils. The program attempts to prevent data loss by checking for identity between input and output file… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-35374 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
963 3.3 LOW
Local 		- - A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation utilizes to_string_lossy() wh… New CWE-176
 Improper Handling of Unicode Encoding 		CVE-2026-35375 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
964 4.5 MEDIUM
Local 		- - A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the chcon utility of uutils coreutils during recursive operations. The implementation resolves recursive targets using a fresh path loo… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-35376 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
965 3.3 LOW
Local 		- - A logic error in the env utility of uutils coreutils causes a failure to correctly parse command-line arguments when utilizing the -S (split-string) option. In GNU env, backslashes within single quot… New CWE-20
 Improper Input Validation  		CVE-2026-35377 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
966 3.3 LOW
Local 		- - A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phase. This implementation flaw… New CWE-768
CVE-2026-35378 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
967 3.3 LOW
Local 		- - A logic error in the tr utility of uutils coreutils causes the program to incorrectly define the [:graph:] and [:print:] character classes. The implementation mistakenly includes the ASCII space char… New CWE-684
 Incorrect Provision of Specified Functionality 		CVE-2026-35379 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
968 8.1 HIGH
Network 		- - Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0… New CWE-121
Stack-based Buffer Overflow 		CVE-2026-26354 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
969 - - - An authenticated attacker can store a crafted tag value in _user_tags and trigger JavaScript execution when a victim opens the list/report view where tags are rendered. The vulnerable renderer interp… New CWE-79
Cross-site Scripting 		CVE-2026-3673 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
970 - - - http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence </script> inside the gen… New CWE-150
 Improper Neutralization of Escape, Meta, or Control Sequences 		CVE-2026-6019 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm