Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199991 4.3 警告
Network 		Google - Google Chrome の content/browser/web_contents/web_contents_impl.cc におけるアドレスバーを偽装される脆弱性 CWE-Other
その他 		CVE-2016-1657 2016-04-19 17:14 2016-04-13 Show GitHub Exploit DB Packet Storm
199992 9.8 緊急
Network 		トレンドマイクロ - トレンドマイクロのパスワードマネージャーの HTTP サーバにおける任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2016-3987 2016-04-19 17:13 2016-01-11 Show GitHub Exploit DB Packet Storm
199993 8.8 重要
Network 		Debian
openSUSE project
SUSE
Fedora Project
Mercurial		 - Mercurial のバイナリデルタデコーダにおける任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-3630 2016-04-19 17:03 2016-03-29 Show GitHub Exploit DB Packet Storm
199994 7.8 重要
Local 		AVAST Software s.r.o. - Avast におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-3986 2016-04-19 17:00 2016-03-4 Show GitHub Exploit DB Packet Storm
199995 6.5 警告
Network 		パルスセキュア - Pulse Connect Secure の Terminal Services RDP クライアントセッション制限機能におけるアクセス制限を回避される脆弱性 CWE-Other
その他 		CVE-2016-3985 2016-04-19 16:39 2016-03-1 Show GitHub Exploit DB Packet Storm
199996 9.8 緊急
Network 		ESET - ESET NOD32 のアーカイブサポートモジュールにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-8841 2016-04-19 15:48 2015-06-29 Show GitHub Exploit DB Packet Storm
199997 8.8 重要
Network 		The Cacti Group - Cacti の graphs_new.php の host_new_graphs 関数における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-8604 2016-04-19 14:21 2015-12-16 Show GitHub Exploit DB Packet Storm
199998 5.1 警告
Local 		レッドハット - Red Hat CloudForms Management Engine における重要なデータを取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-7502 2016-04-19 14:04 2015-12-8 Show GitHub Exploit DB Packet Storm
199999 7.5 重要
Network 		OpenStack - TripleO Heat templates における OpenStack Networking メタデータリクエストを偽造される脆弱性 CWE-Other
その他 		CVE-2015-5303 2016-04-19 12:11 2015-12-14 Show GitHub Exploit DB Packet Storm
200000 7.5 重要
Network 		F5 Networks - 複数の F5 BIG-IP 製品の Traffic Management Microkernel におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2015-8240 2016-04-19 11:56 2015-11-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 17, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
281 7.5 HIGH
Network 		orthanc-server orthanc A gzip decompression bomb vulnerability exists when Orthanc processes HTTP request with `Content-Encoding: gzip`. The server does not enforce limits on decompressed size and allocates memory based on… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-5438 2026-04-16 04:31 2026-04-10 Show GitHub Exploit DB Packet Storm
282 6.5 MEDIUM
Network 		minio minio MinIO is a high-performance object storage system. From RELEASE.2018-08-18T03-49-57Z to before RELEASE.2025-12-20T04-58-37Z, MinIO's S3 Select feature is vulnerable to memory exhaustion when processi… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-39414 2026-04-16 04:30 2026-04-9 Show GitHub Exploit DB Packet Storm
283 8.8 HIGH
Network 		openclaw openclaw OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in the gateway plugin subagent fallback deleteSession function that uses a synthetic operator.admin runtime scope. Attackers ca… New CWE-648
CWE-863
 Incorrect Use of Privileged APIs
 Incorrect Authorization 		CVE-2026-35645 2026-04-16 04:25 2026-04-10 Show GitHub Exploit DB Packet Storm
284 6.1 MEDIUM
Network 		circl ail_framework AIL framework is an open-source platform to collect, crawl, process and analyse unstructured data. Prior to 6.8, a stored cross-site scripting (XSS) vulnerability was identified in the modal item pre… New CWE-79
Cross-site Scripting 		CVE-2026-39416 2026-04-16 04:20 2026-04-9 Show GitHub Exploit DB Packet Storm
285 5.4 MEDIUM
Network 		- - A flaw was found in KubeVirt's Role-Based Access Control (RBAC) evaluation logic. The authorization mechanism improperly truncates subresource names, leading to incorrect permission evaluations. This… New CWE-863
 Incorrect Authorization 		CVE-2026-6383 2026-04-16 04:16 2026-04-16 Show GitHub Exploit DB Packet Storm
286 5.5 MEDIUM
Local 		- - A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Be… New CWE-805
 Buffer Access with Incorrect Length Value 		CVE-2026-6245 2026-04-16 04:16 2026-04-16 Show GitHub Exploit DB Packet Storm
287 - - - CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access… New CWE-798
 Use of Hard-coded Credentials 		CVE-2026-5189 2026-04-16 04:16 2026-04-16 Show GitHub Exploit DB Packet Storm
288 8.4 HIGH
Network 		- - IdentityIQ 8.5, all IdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4, and all IdentityIQ 8.4 patch levels prior to 8.4p4 allow authenticated users assigned the Debug Pages Read Only capabil… New CWE-863
 Incorrect Authorization 		CVE-2026-4857 2026-04-16 04:16 2026-04-16 Show GitHub Exploit DB Packet Storm
289 5.0 MEDIUM
Network 		- - Weblate is a web based localization tool. In versions prior to 5.17, repository-boundary validation relies on string prefix checks on resolved absolute paths. In multiple code paths, the check uses s… New CWE-22
Path Traversal 		CVE-2026-40256 2026-04-16 04:16 2026-04-16 Show GitHub Exploit DB Packet Storm
290 4.1 MEDIUM
Network 		- - Weblate is a web based localization tool. In versions prior to 5.17, the webhook add-on did not utilize existing SSRF protections. This issue has been fixed in version 5.17. If developers are unable … New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-39845 2026-04-16 04:16 2026-04-16 Show GitHub Exploit DB Packet Storm