Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1591 4.3 警告
Network 		Mozilla Foundation Mozilla Thunderbird
Mozilla Firefox 		Mozilla FoundationのMozilla Firefox等の複数製品における認可されていない制御領域への重要情報の漏えいに関する脆弱性 CWE-497
認可されていない制御領域への重要情報の漏えい 		CVE-2026-0887 2026-01-27 17:33 2026-01-13 Show GitHub Exploit DB Packet Storm
1592 5.3 警告
Network 		Mozilla Foundation Mozilla Thunderbird
Mozilla Firefox 		Mozilla FoundationのMozilla Firefox等の複数製品における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-0888 2026-01-27 17:33 2026-01-13 Show GitHub Exploit DB Packet Storm
1593 5.4 警告
Network 		Mozilla Foundation Mozilla Thunderbird
Mozilla Firefox 		Mozilla FoundationのMozilla Firefox等の複数製品におけるスプーフィングによる認証回避に関する脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2026-0890 2026-01-27 17:33 2026-01-13 Show GitHub Exploit DB Packet Storm
1594 8.1 重要
Network 		Mozilla Foundation Mozilla Thunderbird
Mozilla Firefox 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-0891 2026-01-27 17:33 2026-01-13 Show GitHub Exploit DB Packet Storm
1595 9.8 緊急
Network 		Mozilla Foundation Mozilla Thunderbird
Mozilla Firefox 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-0892 2026-01-27 17:33 2026-01-13 Show GitHub Exploit DB Packet Storm
1596 9.8 緊急
Network 		シスコシステムズ Cisco Unified Communications Manager IM and Presence Service
Cisco Unity Connection
Cisco Unified Communications Manager 		シスコシステムズのCisco Unified Communications Manager等の複数製品におけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-20045 2026-01-27 17:33 2026-01-21 Show GitHub Exploit DB Packet Storm
1597 4.3 警告
Network 		NetApp ONTAP NetAppのONTAPにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-22050 2026-01-27 17:33 2026-01-12 Show GitHub Exploit DB Packet Storm
1598 9.8 緊急
Network 		Docmost Docmost Docmostにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-22249 2026-01-27 17:33 2026-01-15 Show GitHub Exploit DB Packet Storm
1599 9.8 緊急
Network 		Tencent WeKnora TencentのWeKnoraにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-22687 2026-01-27 17:33 2026-01-10 Show GitHub Exploit DB Packet Storm
1600 8.8 重要
Network 		Tencent WeKnora TencentのWeKnoraにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-22688 2026-01-27 17:32 2026-01-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
282931 - civiltech avax_vector_activex A certain ActiveX control in Avaxswf.dll 1.0.0.1 in Civitech Avax Vector 1.3 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the WriteMovie metho… NVD-CWE-Other
CVE-2007-3459 2018-10-17 01:49 2007-06-28 Show GitHub Exploit DB Packet Storm
282932 - sofaware safe_at_office_500_utm Cross-site request forgery (CSRF) vulnerability in Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, allows remote attackers to execute commands as arbitrary users, and d… NVD-CWE-Other
CVE-2007-3462 2018-10-17 01:49 2007-06-28 Show GitHub Exploit DB Packet Storm
282933 - sofaware safe_at_office_500_utm Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, does not require entry of the old password when changing the admin password, which might allow attackers to gain privile… NVD-CWE-Other
CVE-2007-3464 2018-10-17 01:49 2007-06-28 Show GitHub Exploit DB Packet Storm
282934 - sofaware safe_at_office_500_utm Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, has a certain default password. NVD-CWE-Other
CVE-2007-3465 2018-10-17 01:49 2007-06-28 Show GitHub Exploit DB Packet Storm
282935 - videolan vlc_media_player Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a WAV file with a large sample rat… NVD-CWE-Other
CVE-2007-3467 2018-10-17 01:49 2007-06-28 Show GitHub Exploit DB Packet Storm
282936 - videolan vlc_media_player input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used. NVD-CWE-Other
CVE-2007-3468 2018-10-17 01:49 2007-06-28 Show GitHub Exploit DB Packet Storm
282937 - libgd gd_graphics_library Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact. CWE-189
Numeric Errors 		CVE-2007-3472 2018-10-17 01:49 2007-06-29 Show GitHub Exploit DB Packet Storm
282938 - libgd gd_graphics_library An integer overflow exists in the "gdImageCreateTrueColor()" function. CWE-189
Numeric Errors 		CVE-2007-3472 2018-10-17 01:49 2007-06-29 Show GitHub Exploit DB Packet Storm
282939 - libgd gd_graphics_library The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCr… NVD-CWE-noinfo
CVE-2007-3473 2018-10-17 01:49 2007-06-29 Show GitHub Exploit DB Packet Storm
282940 - libgd gd_graphics_library Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 have unspecified impact and user-assisted remote attack vectors. NVD-CWE-noinfo
CVE-2007-3474 2018-10-17 01:49 2007-06-29 Show GitHub Exploit DB Packet Storm