Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
193831	7.8	重要 Local	Peter Selinger	-	potrace の bitmap_io.c の bm_readbody_bmp 関数におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-8698	2017-02-13 17:30	2016-08-8	Show	GitHub Exploit DB Packet Storm

193832	4.3	警告	Peter Selinger	-	potrace の bitmap.h の bm_new 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-369 ゼロ除算	CVE-2016-8697	2017-02-13 17:30	2016-08-8	Show	GitHub Exploit DB Packet Storm

193833	5.5	警告 Local	Peter Selinger	-	potrace の bitmap_io.c の bm_readbody_bmp 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2016-8696	2017-02-13 17:30	2016-08-8	Show	GitHub Exploit DB Packet Storm

193834	5.5	警告 Local	Peter Selinger	-	potrace の bitmap_io.c の bm_readbody_bmp 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2016-8695	2017-02-13 17:30	2016-08-8	Show	GitHub Exploit DB Packet Storm

193835	5.5	警告 Local	Peter Selinger	-	potrace の bitmap_io.c の bm_readbody_bmp 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2016-8694	2017-02-13 17:30	2016-08-8	Show	GitHub Exploit DB Packet Storm

193836	7.8	重要 Local	Peter Selinger	-	potrace の bitmap.h の bm_new 関数におけるメモリアロケーションエラーを誘発される脆弱性	CWE-119 バッファエラー	CVE-2016-8686	2017-02-13 17:30	2016-08-29	Show	GitHub Exploit DB Packet Storm

193837	5.5	警告 Local	Peter Selinger	-	potrace の decompose.c の findnext 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-8685	2017-02-13 17:30	2016-08-29	Show	GitHub Exploit DB Packet Storm

193838	7.8	重要 Local	libquicktime	-	libquicktime の quicktime_read_pascal 関数における整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2016-2399	2017-02-13 17:15	2016-02-23	Show	GitHub Exploit DB Packet Storm

193839	6.1	警告 Network	Debian Canonical MoinMoin	-	MoinMoin の GUI エディタのリンクダイアログにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-9119	2017-02-13 16:59	2016-11-15	Show	GitHub Exploit DB Packet Storm

193840	8.8	重要 Network	Roundcube.net	-	Roundcube の Password プラグインの DBMail ドライバにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2015-2181	2017-02-13 16:36	2015-02-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
731	6.8	MEDIUM Network	-	-	Rate Limiting for attempting a user login is not being properly enforced, making HCL DevOps Velocity susceptible to brute-force attacks past the unsuccessful login attempt limit. This vulnerability …	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2025-31991	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

732	4.3	MEDIUM Network	-	-	The bson_validate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 seq…	CWE-20 Improper Input Validation	CVE-2026-6231	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

733	6.5	MEDIUM Adjacent	-	-	A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks cou…	CWE-1284 Improper Validation of Specified Quantity in Input	CVE-2025-3756	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

734	-		-	-	Use-after-free (UAF) was possible in the `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile` when a memory allocation fails with a `MemoryError` and the decompression instance is re-u…	CWE-416 CWE-787 Use After Free Out-of-bounds Write	CVE-2026-6100	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

735	-		-	-	Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open()" API could have commands injected into the …	CWE-77 Command Injection	CVE-2026-4786	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

736	7.5	HIGH Network	-	-	Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in tim…	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-5086	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

737	6.1	MEDIUM Network	-	-	Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft a malicious URL, that if accessed …	CWE-79 Cross-site Scripting	CVE-2026-0512	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

738	4.2	MEDIUM Network	-	-	Due to an Insecure session management vulnerability in SAP Business Objects Business Intelligence Platform, an unauthenticated attacker could obtain valid session tokens and reuse them to gain unauth…	CWE-539 Use of Persistent Cookies Containing Sensitive Information	CVE-2026-24318	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

739	4.3	MEDIUM Network	-	-	The Material Master application does not enforce authorization checks for authenticated users when executing reports, resulting in the disclosure of sensitive information. This vulnerability has a lo…	CWE-862 Missing Authorization	CVE-2026-27672	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

740	4.9	MEDIUM Network	-	-	Due to a missing authorization check, SAP S/4HANA (Private Cloud and On-Premise) allows an authenticated user to delete files on the operating system and gain unauthorized control over file operation…	CWE-862 Missing Authorization	CVE-2026-27673	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm