Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
245641	10	危険	DELL EMC (旧 EMC Corporation)	-	EMV DiskXtender における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-0961	2012-06-26 15:55	2008-04-14	Show	GitHub Exploit DB Packet Storm

245642	6.8	警告	alivemedia online media technologies ussun orion studios	-	NCTAudioInformation2 ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0959	2012-06-26 15:55	2008-05-29	Show	GitHub Exploit DB Packet Storm

245643	9.3	危険	backweb Logitech	-	BackWeb の ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0956	2012-06-26 15:55	2008-06-11	Show	GitHub Exploit DB Packet Storm

245644	9.3	危険	creative	-	CTSUEng.ocx におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0955	2012-06-26 15:55	2008-05-29	Show	GitHub Exploit DB Packet Storm

245645	7.5	危険	aeries	-	Eagle Software ABI における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0943	2012-06-26 15:55	2008-02-25	Show	GitHub Exploit DB Packet Storm

245646	7.5	危険	aeries	-	Eagle Software ABI の GradebookStuScores.aspSQL における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0942	2012-06-26 15:55	2008-02-25	Show	GitHub Exploit DB Packet Storm

245647	4.3	警告	aeries	-	Eagle Software ABI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0941	2012-06-26 15:55	2008-02-25	Show	GitHub Exploit DB Packet Storm

245648	7.2	危険	freshmeat Debian	-	Debian GNU/Linux の XWine の w_editeur.c における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-0930	2012-06-26 15:55	2008-02-26	Show	GitHub Exploit DB Packet Storm

245649	7.5	危険	becontent	-	beContent の news.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0921	2012-06-26 15:55	2008-02-22	Show	GitHub Exploit DB Packet Storm

245650	7.5	危険	astats Joomla!	-	Joomla! の astatspro コンポーネントの includes/count_dl_or_link.inc.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0918	2012-06-26 15:55	2008-02-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
31	6.5	MEDIUM Network	-	-	Budibase is an open-source low-code platform. Prior to 3.38.1, the V1 Views API (POST /api/views) accepts a calculation parameter from the request body that is interpolated directly into a CouchDB re… New	CWE-94 Code Injection	CVE-2026-45719	2026-05-28 03:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

32	5.4	MEDIUM Network	-	-	Budibase is an open-source low-code platform. Prior to 3.38.1, the row action trigger endpoint (POST /api/tables/:sourceId/actions/:actionId/trigger) fails to validate that the user-supplied rowId is… New	CWE-863 Incorrect Authorization	CVE-2026-45718	2026-05-28 03:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

33	8.8	HIGH Network	-	-	Budibase is an open-source low-code platform. Prior to 3.38.1, Budibase exposes a REST API for datasource management. The route PUT /api/datasources/:datasourceId is registered in the authorizedRoute… New	CWE-862 Missing Authorization	CVE-2026-45717	2026-05-28 03:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

34	8.8	HIGH Network	-	-	Budibase is an open-source low-code platform. Prior to 3.38.1, the POST /api/global/users/onboard endpoint is protected by workspaceBuilderOrAdmin middleware, allowing any user with builder permissio… New	CWE-269 Improper Privilege Management	CVE-2026-45716	2026-05-28 03:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

35	7.7	HIGH Network	-	-	Budibase is an open-source low-code platform. Prior to 3.38.1, the REST datasource integration (packages/server/src/integrations/rest.ts) follows HTTP redirects without re-checking the IP blacklist, … New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45715	2026-05-28 03:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

36	7.7	HIGH Network	-	-	Budibase is an open-source low-code platform. Prior to 3.34.8, the processUrlFile function in packages/server/src/automations/steps/ai/extract.ts uses fetch(fileUrl) directly without the IP blacklist… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45548	2026-05-28 03:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

37	7.5	HIGH Network	-	-	Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both wri… New	CWE-362 CWE-404 Race Condition Improper Resource Shutdown or Release	CVE-2026-45090	2026-05-28 03:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

38	8.2	HIGH Network	-	-	Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the output, output-all, and debug fields in model.Options … New	CWE-73 CWE-306 CWE-434 External Control of File Name or Path Missing Authentication for Critical Function Unrestricted Upload of File with Dangerous Type	CVE-2026-45089	2026-05-28 03:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

39	7.5	HIGH Network	-	-	Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tag… New	CWE-73 CWE-306 CWE-552 External Control of File Name or Path Missing Authentication for Critical Function Files or Directories Accessible to External Parties	CVE-2026-45088	2026-05-28 03:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

40	10.0	CRITICAL Network	-	-	Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is started in REST API server mode (dalfox server), the server binds to 0.0.0.0:6664 by de… New	CWE-15 CWE-78 CWE-306 External Control of System or Configuration Setting OS Command Missing Authentication for Critical Function	CVE-2026-45087	2026-05-28 03:16	2026-05-28	Show	GitHub Exploit DB Packet Storm