Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227441	5	警告	snitz forums 2000	-	Snitz Forums 2000 におけるデータベースをダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0135	2012-12-20 18:34	2008-01-8	Show	GitHub Exploit DB Packet Storm

227442	4.3	警告	snitz forums 2000	-	Snitz Forums 2000 の Forums/setup.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0134	2012-12-20 18:34	2008-01-8	Show	GitHub Exploit DB Packet Storm

227443	7.5	危険	thomas perez	-	Tribisur における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0133	2012-12-20 18:34	2008-01-8	Show	GitHub Exploit DB Packet Storm

227444	5	警告	pragma systems	-	Pragma FortressSSH におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-0132	2012-12-20 18:34	2008-01-8	Show	GitHub Exploit DB Packet Storm

227445	6.8	警告	siteatschool	-	Site@School の starnet/addons/slideshow_full.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0129	2012-12-20 18:34	2008-01-8	Show	GitHub Exploit DB Packet Storm

227446	4.3	警告	php-stats	-	Michael Wagner phpstats の phpstats.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0125	2012-12-20 18:34	2008-03-24	Show	GitHub Exploit DB Packet Storm

227447	4.3	警告	s9y	-	S9Y におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0124	2012-12-20 18:34	2008-02-25	Show	GitHub Exploit DB Packet Storm

227448	7.5	危険	ourproject.org	-	White_Dune の DuneApp.cpp におけるフォーマットストリングの脆弱性	CWE-20 不適切な入力確認	CVE-2008-0101	2012-12-20 18:34	2008-01-7	Show	GitHub Exploit DB Packet Storm

227449	7.5	危険	ourproject.org	-	White_Dune の Scene.cpp におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0100	2012-12-20 18:34	2008-01-7	Show	GitHub Exploit DB Packet Storm

227450	10	危険	リアルネットワークス	-	RealPlayer におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-0098	2012-12-20 18:34	2008-01-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1391	8.8	HIGH Network	-	-	Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/setting…	CWE-352 Origin Validation Error	CVE-2026-38934	2026-04-28 03:35	2026-04-28	Show	GitHub Exploit DB Packet Storm

1392	6.1	MEDIUM Network	-	-	A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter	CWE-79 Cross-site Scripting	CVE-2026-38935	2026-04-28 03:35	2026-04-28	Show	GitHub Exploit DB Packet Storm

1393	6.1	MEDIUM Network	-	-	A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter	CWE-79 Cross-site Scripting	CVE-2026-38936	2026-04-28 03:35	2026-04-28	Show	GitHub Exploit DB Packet Storm

1394	9.8	CRITICAL Network	-	-	A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the …	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-7139	2026-04-28 03:35	2026-04-28	Show	GitHub Exploit DB Packet Storm

1395	9.8	CRITICAL Network	-	-	A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the arg…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-7140	2026-04-28 03:35	2026-04-28	Show	GitHub Exploit DB Packet Storm

1396	5.4	MEDIUM Network	-	-	A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invit…	CWE-285 CWE-639 Improper Authorization Authorization Bypass Through User-Controlled Key	CVE-2026-7145	2026-04-28 03:35	2026-04-28	Show	GitHub Exploit DB Packet Storm

1397	4.0	MEDIUM Local	gnupg	libgcrypt	Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data.	CWE-787 Out-of-bounds Write	CVE-2026-41990	2026-04-28 03:33	2026-04-23	Show	GitHub Exploit DB Packet Storm

1398	6.7	MEDIUM Local	gnupg	libgcrypt	Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.	CWE-787 Out-of-bounds Write	CVE-2026-41989	2026-04-28 03:33	2026-04-23	Show	GitHub Exploit DB Packet Storm

1399	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the socket, but not to u->path…	-	CVE-2026-31673	2026-04-28 03:32	2026-04-25	Show	GitHub Exploit DB Packet Storm

1400	7.1	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS. rt_mt6() …	-	CVE-2026-31674	2026-04-28 03:32	2026-04-25	Show	GitHub Exploit DB Packet Storm