Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241951	7.5	危険	netrisk	-	NetRisk の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0185	2012-09-25 16:59	2008-01-9	Show	GitHub Exploit DB Packet Storm

241952	4.3	警告	Liferay	-	Liferay Portal の Admin ポートレットにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-0182	2012-09-25 16:59	2008-01-10	Show	GitHub Exploit DB Packet Storm

241953	4.3	警告	Liferay	-	Liferay Portal の Admin ポートレットにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0181	2012-09-25 16:59	2008-01-10	Show	GitHub Exploit DB Packet Storm

241954	4.3	警告	Liferay	-	Liferay Portal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0180	2012-09-25 16:59	2008-01-10	Show	GitHub Exploit DB Packet Storm

241955	2.6	注意	Liferay	-	Liferay Portal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0179	2012-09-25 16:59	2008-01-10	Show	GitHub Exploit DB Packet Storm

241956	4.3	警告	Liferay	-	Liferay Portal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0178	2012-09-25 16:59	2008-02-4	Show	GitHub Exploit DB Packet Storm

241957	6.8	警告	ikiwiki	-	ikiwiki の Plugin/passwordauth.pm における認証を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-0169	2012-09-25 16:59	2008-06-3	Show	GitHub Exploit DB Packet Storm

241958	4.3	警告	ikiwiki	-	Ikiwiki におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-0165	2012-09-25 16:59	2008-04-21	Show	GitHub Exploit DB Packet Storm

241959	4.4	警告	Linux	-	Linux kernel における vserver のリソースにアクセスされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-0163	2012-09-25 16:59	2008-02-12	Show	GitHub Exploit DB Packet Storm

241960	5	警告	million dollar script	-	Million Dollar Script の index.php における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0156	2012-09-25 16:59	2008-01-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
501	7.5	HIGH Network	nlnetlabs	nsd	When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes… New	CWE-284 CWE-306 Improper Access Control Missing Authentication for Critical Function	CVE-2026-12490	2026-06-26 11:08	2026-06-25	Show	GitHub Exploit DB Packet Storm

502	8.1	HIGH Network	nlnetlabs	nsd	NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a … New	CWE-20 CWE-120 Improper Input Validation Classic Buffer Overflow	CVE-2026-12246	2026-06-26 11:07	2026-06-25	Show	GitHub Exploit DB Packet Storm

503	7.5	HIGH Network	nlnetlabs	nsd	NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT c… New	CWE-416 Use After Free	CVE-2026-12245	2026-06-26 11:07	2026-06-25	Show	GitHub Exploit DB Packet Storm

504	8.8	HIGH Network	nlnetlabs	nsd	If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an (u… New	CWE-122 CWE-190 Heap-based Buffer Overflow Integer Overflow or Wraparound	CVE-2026-12244	2026-06-26 11:07	2026-06-25	Show	GitHub Exploit DB Packet Storm

505	8.8	HIGH Network	quest	netvault_backup	Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault… New	CWE-89 SQL Injection	CVE-2026-9781	2026-06-26 11:04	2026-06-25	Show	GitHub Exploit DB Packet Storm

506	8.8	HIGH Network	quest	netvault_backup	Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVa… New	CWE-79 Cross-site Scripting	CVE-2026-9780	2026-06-26 11:04	2026-06-25	Show	GitHub Exploit DB Packet Storm

507	8.8	HIGH Network	quest	netvault_backup	Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault… New	CWE-89 SQL Injection	CVE-2026-7570	2026-06-26 11:03	2026-06-25	Show	GitHub Exploit DB Packet Storm

508	4.3	MEDIUM Network	jenkins	contrast_continuous_application_security	Missing permission checks in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allow attackers with Overall/Read permission to enumerate the names of configured Contrast metada… New	CWE-862 Missing Authorization	CVE-2026-57299	2026-06-26 11:03	2026-06-24	Show	GitHub Exploit DB Packet Storm

509	4.3	MEDIUM Network	jenkins	contrast_continuous_application_security	A missing permission check in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using an a… New	CWE-862 Missing Authorization	CVE-2026-57297	2026-06-26 11:02	2026-06-24	Show	GitHub Exploit DB Packet Storm

510	5.4	MEDIUM Network	n8n	n8n	n8n before 1.123.25 (1.x) and before 2.11.2 (2.x), with the fix also included in 2.12.0, contains a stored cross-site scripting vulnerability in the Form Trigger node's CSS sanitization that allows a… New	CWE-79 Cross-site Scripting	CVE-2026-56358	2026-06-26 11:02	2026-06-24	Show	GitHub Exploit DB Packet Storm