Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3881 6.5 警告
Network 		Pterodactyl Wings PterodactylのWingsにおける複数の脆弱性 CWE-400
CWE-770
CWE-770
CVE-2025-69199 2026-02-4 18:37 2026-01-19 Show GitHub Exploit DB Packet Storm
3882 9.8 緊急
Network 		fabianros Mobile Shop Management System In PHP With Source Code Fabian RosのMobile Shop Management System In PHP With Source Codeにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2025-69564 2026-02-4 18:37 2026-01-27 Show GitHub Exploit DB Packet Storm
3883 6.5 警告
Network 		PHPGurukul Online Course Registration PHPGurukulのOnline Course Registrationにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2025-70899 2026-02-4 18:37 2026-01-22 Show GitHub Exploit DB Packet Storm
3884 7.3 重要
Local 		Lenovo app store Lenovoのapp storeにおける不適切なデフォルトパーミッションに関する脆弱性 CWE-276
不適切なデフォルトパーミッション 		CVE-2025-8485 2026-02-4 18:37 2025-11-12 Show GitHub Exploit DB Packet Storm
3885 7.8 重要
Local 		Lenovo PCManager LenovoのPCManagerにおける不要な特権による実行に関する脆弱性 CWE-250
不要な特権による実行 		CVE-2025-8486 2026-02-4 18:37 2025-10-15 Show GitHub Exploit DB Packet Storm
3886 4.9 警告
Network 		M-Files M-Files Server M-FilesのM-Files Serverにおける入力の構文的正当性の検証に関する脆弱性 CWE-1286
入力の構文的正当性の不適切な検証 		CVE-2026-0663 2026-02-4 18:37 2026-01-21 Show GitHub Exploit DB Packet Storm
3887 6.1 警告
Network 		plantuml plantuml plantumlにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-0858 2026-02-4 18:37 2026-01-16 Show GitHub Exploit DB Packet Storm
3888 9.8 緊急
Network 		itsourcecode School Management System itsourcecodeのSchool Management Systemにおける複数の脆弱性 CWE-74
CWE-89
CVE-2026-1176 2026-02-4 18:37 2026-01-19 Show GitHub Exploit DB Packet Storm
3889 4.6 警告
Local 		Esri ArcGIS Pro EsriのArcGIS Proにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-1446 2026-02-4 18:37 2026-01-26 Show GitHub Exploit DB Packet Storm
3890 6.1 警告
Network 		NHN Japan billboard.js NHN Japanのbillboard.jsにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-1513 2026-02-4 18:37 2026-01-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
349651 - rsyslog rsyslogd SQL injection vulnerability in rsyslogd in RSyslog before 1.0.1 and before 1.10.1 allows remote attackers to execute arbitrary SQL commands via crafted syslog messages. NVD-CWE-Other
CVE-2005-3074 2008-09-6 05:53 2005-09-28 Show GitHub Exploit DB Packet Storm
349652 - mpc-donkey zengaia SQL injection vulnerability in Zengaia before 0.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NVD-CWE-Other
CVE-2005-3075 2008-09-6 05:53 2005-09-28 Show GitHub Exploit DB Packet Storm
349653 - simplog simplog Simplog 0.9.1 might allow remote attackers to execute arbitrary SQL commands or trigger SQL error messages via invalid (1) pid, (2) blogid, (3) cid, or (4) m parameters to archive.php, or the (5) blo… NVD-CWE-Other
CVE-2005-3076 2008-09-6 05:53 2005-09-28 Show GitHub Exploit DB Packet Storm
349654 - microsoft ie_for_macintosh Microsoft Internet Explorer 5.2.3 for Mac OS allows remote attackers to cause a denial of service (crash) via a web page with malformed attributes in a BGSOUND tag, possibly involving double-quotes i… NVD-CWE-Other
CVE-2005-3077 2008-09-6 05:53 2005-09-28 Show GitHub Exploit DB Packet Storm
349655 - punbb punbb Cross-site scripting (XSS) vulnerability in PunBB before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the "forgotten e-mail" feature. NVD-CWE-Other
CVE-2005-3078 2008-09-6 05:53 2005-09-28 Show GitHub Exploit DB Packet Storm
349656 - punbb punbb PunBB before 1.2.8 allows remote attackers to perform "code inclusion" via the user language selection. NVD-CWE-Other
CVE-2005-3079 2008-09-6 05:53 2005-09-28 Show GitHub Exploit DB Packet Storm
349657 - geshi geshi contrib/example.php in GeSHi before 1.0.7.3 allows remote attackers to read arbitrary files via the language field without a source field set. NVD-CWE-Other
CVE-2005-3080 2008-09-6 05:53 2005-09-28 Show GitHub Exploit DB Packet Storm
349658 - wzdftpd wzdftpd wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the SITE command. NVD-CWE-Other
CVE-2005-3081 2008-09-6 05:53 2005-09-28 Show GitHub Exploit DB Packet Storm
349659 - sony playstation_portable Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2.0 firmware allows remote attackers to cause a denial of service via a crafted TIFF image. NVD-CWE-Other
CVE-2005-3084 2008-09-6 05:53 2005-09-28 Show GitHub Exploit DB Packet Storm
349660 - riverdark_studios rss_syndicator_module Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) … NVD-CWE-Other
CVE-2005-3085 2008-09-6 05:53 2005-09-28 Show GitHub Exploit DB Packet Storm