Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194021	7.5	重要 Network	SAP	-	SAP AS JAVA の P4 SERVERCORE コンポーネントの msp におけるシステム情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2017-5372	2017-02-7 15:51	2017-01-13	Show	GitHub Exploit DB Packet Storm

194022	7.5	重要 Network	SAP	-	SAP Adaptive Server Enterprise の OData サーバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2017-5371	2017-02-7 15:51	2017-01-13	Show	GitHub Exploit DB Packet Storm

194023	6.1	警告 Network	DELL EMC (旧 EMC Corporation)	-	EMC RSA Security Analytics における反射型クロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-8215	2017-02-7 14:49	2016-09-13	Show	GitHub Exploit DB Packet Storm

194024	6.7	警告 Local	DELL EMC (旧 EMC Corporation)	-	EMC Avamar Data Store および Avamar Virtual Edition における Avamar サーバを侵害される脆弱性	CWE-275 パーミッションの問題	CVE-2016-8214	2017-02-7 14:48	2016-09-13	Show	GitHub Exploit DB Packet Storm

194025	9.8	緊急 Network	Zoho Corporation	-	ZOHO WebNMS Framework における認証を回避される脆弱性	CWE-20 不適切な入力確認	CVE-2016-6603	2017-02-7 14:23	2016-07-4	Show	GitHub Exploit DB Packet Storm

194026	9.8	緊急 Network	Zoho Corporation	-	ZOHO WebNMS Framework における平文のパスワードを取得される脆弱性	CWE-327 不完全、または危険な暗号アルゴリズムの使用	CVE-2016-6602	2017-02-7 14:23	2016-07-4	Show	GitHub Exploit DB Packet Storm

194027	7.5	重要 Network	Zoho Corporation	-	ZOHO WebNMS Framework のファイルダウンロード機能におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-6601	2017-02-7 14:23	2016-07-4	Show	GitHub Exploit DB Packet Storm

194028	9.8	緊急 Network	Zoho Corporation	-	ZOHO WebNMS Framework のファイルアップロード機能におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-6600	2017-02-7 14:23	2016-07-4	Show	GitHub Exploit DB Packet Storm

194029	9.8	緊急 Network	Michael Davis	-	python-jose における脆弱性	CWE-361 時間とステータス	CVE-2016-7036	2017-02-7 14:20	2016-09-5	Show	GitHub Exploit DB Packet Storm

194030	9.8	緊急 Network	The GIFLIB project	-	GIFLIB の gifcolor.c における脆弱性	CWE-415 CWE-416	CVE-2016-3177	2017-02-7 14:19	2016-03-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
401	-		-	-	DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /de2api/datasetData/previewSql endpoint. The user-supplie… New	CWE-89 SQL Injection	CVE-2026-40900	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

402	-		-	-	mcp-framework is a framework for building Model Context Protocol (MCP) servers. In versions 0.2.21 and below, the readRequestBody() function in the HTTP transport concatenates request body chunks int… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-39313	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

403	-		-	-	free5GC is an open-source implementation of the 5G core network. In versions 1.4.2 and below of the UDR service, the handler for deleting Traffic Influence Subscriptions checks whether the influenceI… New	CWE-285 Improper Authorization	CVE-2026-40246	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

404	-		-	-	free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for reading Traffic Influence Subscriptions checks whether the influenceId… New	CWE-285 CWE-636 Improper Authorization Not Failing Securely ('Failing Open')	CVE-2026-40247	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

405	-		-	-	DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerT… New	CWE-502 Deserialization of Untrusted Data	CVE-2026-40901	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

406	4.8	MEDIUM Network	-	-	Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority() that allows an attacker to bypass t… New	CWE-305 CWE-319 Authentication Bypass by Primary Weakness Cleartext Transmission of Sensitive Information	CVE-2026-33472	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

407	4.9	MEDIUM Network	-	-	Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox message at INFO level. Inbox… New	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2026-34164	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

408	-		-	-	spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocat… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-35469	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

409	7.5	HIGH Network	-	-	ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into a fixed 1024-byte stack bu… New	CWE-121 Stack-based Buffer Overflow	CVE-2026-40170	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm

410	-		-	-	free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for creating or updating Traffic Influence Subscriptions checks whether th… New	CWE-285 CWE-636 Improper Authorization Not Failing Securely ('Failing Open')	CVE-2026-40248	2026-04-18 00:38	2026-04-17	Show	GitHub Exploit DB Packet Storm