Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199761 7.2 重要
Network 		dotCMS - dotCMS の Workflow Screen における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-4040 2016-04-27 16:34 2016-04-12 Show GitHub Exploit DB Packet Storm
199762 7.8 重要
Local 		Google - Android の rootdir/init.rc における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2420 2016-04-27 16:29 2016-04-4 Show GitHub Exploit DB Packet Storm
199763 7.8 重要
Local 		Google - Android の System_server で使用される Skia の include/core/SkPostConfig.h における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2412 2016-04-27 16:29 2016-04-4 Show GitHub Exploit DB Packet Storm
199764 5.3 警告
Network 		Magento, Inc. - Magento Enterprise Edition および Community Edition の app/code/core/Mage/Rss/Helper/Order.php における重要な注文情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-2212 2016-04-27 16:08 2016-02-23 Show GitHub Exploit DB Packet Storm
199765 8.1 重要
Network 		Drupal
Debian		 - Drupal の File モジュールにおけるアクセス制限を回避される脆弱性 CWE-Other
その他 		CVE-2016-3162 2016-04-27 15:43 2016-02-24 Show GitHub Exploit DB Packet Storm
199766 8.1 重要
Network 		Apache Software Foundation - Apache Camel における任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2015-5348 2016-04-27 15:26 2015-11-12 Show GitHub Exploit DB Packet Storm
199767 8.4 重要
Local 		NVIDIA - Windows 上で稼動する NVIDIA GPU グラフィックドライバのカーネルモードドライバレイヤの Escape インターフェースにおける重要な情報を取得される脆弱性 CWE-119
バッファエラー 		CVE-2016-2558 2016-04-27 15:12 2016-03-14 Show GitHub Exploit DB Packet Storm
199768 8.4 重要
Local 		NVIDIA - Windows 上で稼動する NVIDIA GPU グラフィックドライバのカーネルモードドライバレイヤの Escape インターフェースにおけるカーネルメモリから重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2557 2016-04-27 15:12 2016-03-14 Show GitHub Exploit DB Packet Storm
199769 5.3 警告
Network 		OpenStack - OpenStack Compute の libvirt ドライバにおける任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2016-2140 2016-04-27 12:25 2016-03-8 Show GitHub Exploit DB Packet Storm
199770 6.2 警告
Local 		FreeBSD - FreeBSD の sys/amd64/amd64/sys_machdep.c の amd64_set_ldt 関数における整数符号エラーの脆弱性 CWE-119
バッファエラー 		CVE-2016-1885 2016-04-27 11:52 2016-03-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 19, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
161 7.0 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. Update CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2026-33104 2026-04-18 03:20 2026-04-15 Show GitHub Exploit DB Packet Storm
162 8.1 HIGH
Network 		- - The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.3.9.6. This is due to insufficient file type … New CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-5718 2026-04-18 03:16 2026-04-18 Show GitHub Exploit DB Packet Storm
163 7.5 HIGH
Network 		- - The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary File Read in versions up to and including 1.3.9.6. This is due to t… New CWE-22
Path Traversal 		CVE-2026-5710 2026-04-18 03:16 2026-04-18 Show GitHub Exploit DB Packet Storm
164 - - - Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the ConformityCheck class rendered the rule parameter through Jinja2's default Template() constructor, silentl… New CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2026-40320 2026-04-18 03:16 2026-04-18 Show GitHub Exploit DB Packet Storm
165 - - - Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the RegexMatching check passes a user-supplied regular expression pattern directly to Python's re.search() wit… New CWE-1333
 Inefficient Regular Expression Complexity 		CVE-2026-40319 2026-04-18 03:16 2026-04-18 Show GitHub Exploit DB Packet Storm
166 7.3 HIGH
Local 		- - Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory and files. This is caused by improper handlin… New CWE-280
Improper Handling of Insufficient Permissions or Privileges  		CVE-2026-21733 2026-04-18 03:16 2026-04-18 Show GitHub Exploit DB Packet Storm
167 7.9 HIGH
Local 		- - Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher se… New CWE-200
Information Exposure 		CVE-2025-65104 2026-04-18 03:16 2026-04-18 Show GitHub Exploit DB Packet Storm
168 4.3 MEDIUM
Network 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network. Update CWE-200
Information Exposure 		CVE-2026-33829 2026-04-18 03:15 2026-04-15 Show GitHub Exploit DB Packet Storm
169 7.3 HIGH
Local 		juniper junos A UNIX Symbolic Link (Symlink) Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which wi… Update CWE-61
 UNIX Symbolic Link (Symlink) Following 		CVE-2026-21916 2026-04-18 03:05 2026-04-10 Show GitHub Exploit DB Packet Storm
170 6.5 MEDIUM
Network 		juniper junos
junos_os_evolved 		An Incorrect Synchronization vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker with low privileges to cause a complete Den… Update CWE-821
 Incorrect Synchronization 		CVE-2026-21919 2026-04-18 03:04 2026-04-10 Show GitHub Exploit DB Packet Storm