Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249321	7.5	危険	BIGACE	-	BigACE における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-2520	2012-06-26 16:02	2008-06-3	Show	GitHub Exploit DB Packet Storm

249322	6.8	警告	Core FTP	-	Core FTP クライアントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2519	2012-06-26 16:02	2008-02-18	Show	GitHub Exploit DB Packet Storm

249323	7.5	危険	excuse online	-	Excuse Online の pwd.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2509	2012-06-26 16:02	2008-05-29	Show	GitHub Exploit DB Packet Storm

249324	4.3	警告	brown bear software	-	Brown Bear Software Calcium の Calcium40.pl におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2507	2012-06-26 16:02	2008-05-29	Show	GitHub Exploit DB Packet Storm

249325	7.5	危険	emule	-	eMule X-Ray の Web サーバにおけるメモリ破損を誘発される脆弱性	CWE-399 リソース管理の問題	CVE-2008-2502	2012-06-26 16:02	2008-05-29	Show	GitHub Exploit DB Packet Storm

249326	4.3	警告	badongo	-	Campus Bulletin Board の post3/Book.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2493	2012-06-26 16:02	2008-05-28	Show	GitHub Exploit DB Packet Storm

249327	7.5	危険	badongo	-	Campus Bulletin Board における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2492	2012-06-26 16:02	2008-05-28	Show	GitHub Exploit DB Packet Storm

249328	9.3	危険	ebay	-	eBay Enhanced Picture Uploader ActiveX コントロールにおける任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2008-2475	2012-06-26 16:02	2009-06-9	Show	GitHub Exploit DB Packet Storm

249329	6.5	警告	beaussier	-	RoomPHPlanning の admin/userform.php における新規に admin アカウントを作成される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-2488	2012-06-26 16:02	2008-05-28	Show	GitHub Exploit DB Packet Storm

249330	10	危険	emule	-	eMule Plus における詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2008-2486	2012-06-26 16:02	2008-05-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
351	5.5	MEDIUM Local	-	-	A stack overflow in the AP4_StsdAtom::AP4_StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. New	CWE-121 Stack-based Buffer Overflow	CVE-2026-36907	2026-06-29 23:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

352	9.6	CRITICAL Network	-	-	mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.3.10, mise processes .tool-versions files through the Tera template engine during parsing, with the exec() function regis… New	CWE-94 Code Injection	CVE-2026-33646	2026-06-29 23:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

353	7.1	HIGH Network	-	-	The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No fi… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-33560	2026-06-29 23:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

354	8.8	HIGH Network	-	-	Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharact… New	CWE-78 OS Command	CVE-2026-32833	2026-06-29 23:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

355	9.8	CRITICAL Network	-	-	Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths. New	CWE-22 Path Traversal	CVE-2026-28701	2026-06-29 23:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

356	8.1	HIGH Network	-	-	The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.16.17 does not verify that the user performing a subscription act… New	-	CVE-2026-10820	2026-06-29 23:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

357	7.5	HIGH Network	-	-	The APCu Manager WordPress plugin before 4.5.0 does not escape APCu object-cache keys before rendering them in an admin-area page, leading to a Stored Cross-Site Scripting vulnerability. When a persi… New	-	CVE-2026-10083	2026-06-29 23:16	2026-06-29	Show	GitHub Exploit DB Packet Storm

358	-		-	-	AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.32, there is a DoS vulnerability in ExtractTextInformationBlock… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2025-32423	2026-06-29 23:16	2026-06-27	Show	GitHub Exploit DB Packet Storm

359	7.5	HIGH Network	ollama	ollama	Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive … New	CWE-125 Out-of-bounds Read	CVE-2026-5757	2026-06-29 22:49	2026-06-27	Show	GitHub Exploit DB Packet Storm

360	5.3	MEDIUM Network	fasterxml	jackson-databind	jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until 2.18.9, 2.21.5, and 3.1.4, in BeanDeserializerBase.createContextua… New	CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-54515	2026-06-29 22:38	2026-06-24	Show	GitHub Exploit DB Packet Storm