Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1161 9.8 緊急
Network 		FreeRDP FreeRDP FreeRDPにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-23532 2026-01-29 15:59 2026-01-19 Show GitHub Exploit DB Packet Storm
1162 9.8 緊急
Network 		FreeRDP FreeRDP FreeRDPにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-23533 2026-01-29 15:59 2026-01-19 Show GitHub Exploit DB Packet Storm
1163 9.8 緊急
Network 		FreeRDP FreeRDP FreeRDPにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-23534 2026-01-29 15:59 2026-01-19 Show GitHub Exploit DB Packet Storm
1164 7.5 重要
Network 		FreeRDP FreeRDP FreeRDPにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-23732 2026-01-29 15:59 2026-01-19 Show GitHub Exploit DB Packet Storm
1165 9.8 緊急
Network 		FreeRDP FreeRDP FreeRDPにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-23883 2026-01-29 15:59 2026-01-19 Show GitHub Exploit DB Packet Storm
1166 9.8 緊急
Network 		FreeRDP FreeRDP FreeRDPにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-23884 2026-01-29 15:59 2026-01-19 Show GitHub Exploit DB Packet Storm
1167 6.5 警告
Network 		pnpm pnpm pnpmにおける複数の脆弱性 CWE-22
CWE-23
CWE-426
CVE-2026-23888 2026-01-29 15:59 2026-01-26 Show GitHub Exploit DB Packet Storm
1168 6.5 警告
Network 		pnpm pnpm pnpmにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-23889 2026-01-29 15:58 2026-01-26 Show GitHub Exploit DB Packet Storm
1169 6.5 警告
Network 		pnpm pnpm pnpmにおける相対パストラバーサルの脆弱性 CWE-23
相対的パストラバーサル 		CVE-2026-23890 2026-01-29 15:58 2026-01-26 Show GitHub Exploit DB Packet Storm
1170 6.5 警告
Network 		pnpm pnpm pnpmにおける複数の脆弱性 CWE-22
CWE-59
CWE-59
CVE-2026-24056 2026-01-29 15:58 2026-01-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283721 - marcello_vitagliano meganoides_news PHP remote file inclusion vulnerability in include.php in Meganoide's news 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter. NVD-CWE-Other
CVE-2007-1024 2018-10-17 01:36 2007-02-21 Show GitHub Exploit DB Packet Storm
283722 - scriptdungeon xlatunes SQL injection vulnerability in view.php in XLAtunes 0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the album parameter in view mode. NOTE: some of these details are ob… CWE-89
SQL Injection 		CVE-2007-1026 2018-10-17 01:36 2007-02-21 Show GitHub Exploit DB Packet Storm
283723 - quicksoft easymail_objects Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name. NVD-CWE-Other
CVE-2007-1029 2018-10-17 01:36 2007-02-21 Show GitHub Exploit DB Packet Storm
283724 - niels_provos libevent Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a denial of service (infinite loop) via a DNS response containing a label pointer that references its own offset. NVD-CWE-Other
CVE-2007-1030 2018-10-17 01:36 2007-02-21 Show GitHub Exploit DB Packet Storm
283725 - jboss jboss_application_server The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-1036 2018-10-17 01:36 2007-02-21 Show GitHub Exploit DB Packet Storm
283726 - ezboo webstats Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php. NVD-CWE-Other
CVE-2007-1043 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283727 - pearson_education powerschool Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js." NOTE: … CWE-200
Information Exposure 		CVE-2007-1044 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283728 - malbum malbum mAlbum 0.3 has default accounts (1) "login"/"pass" for its administrative account and (2) "dqsfg"/"sdfg", which allows remote attackers to gain privileges. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-1045 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283729 - malbum malbum mAlbum should reconfigure their administrative login and password from their default values. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-1045 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm
283730 - dem_trac dem_trac Dem_trac allows remote attackers to read log file contents via a direct request for /anc_sit.txt. NVD-CWE-Other
CVE-2007-1046 2018-10-17 01:36 2007-02-22 Show GitHub Exploit DB Packet Storm