Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200001 4.3 警告
Network 		F5 Networks - 複数の F5 BIG-IP 製品の Configuration ユーティリティにおけるファイルをアップロードされる脆弱性 CWE-Other
その他 		CVE-2015-8021 2016-04-19 11:56 2015-10-28 Show GitHub Exploit DB Packet Storm
200002 8.8 重要
Network 		マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2016-1015 2016-04-19 10:36 2016-04-7 Show GitHub Exploit DB Packet Storm
200003 9.8 緊急
Network 		マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player における ASLR 保護メカニズムを回避される脆弱性 CWE-Other
その他 		CVE-2016-1006 2016-04-19 10:36 2016-04-7 Show GitHub Exploit DB Packet Storm
200004 5.3 警告
Network 		Drupal
Debian		 - Drupal の User モジュールの "have you forgotten your password" のリンクにおける重要なユーザ名情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-3170 2016-04-18 18:07 2016-02-24 Show GitHub Exploit DB Packet Storm
200005 6.4 警告
Network 		Drupal
Debian		 - Drupal の System モジュールにおけるサイト管理者の認証をハイジャックされる脆弱性 CWE-Other
その他 		CVE-2016-3168 2016-04-18 18:07 2016-02-24 Show GitHub Exploit DB Packet Storm
200006 7.3 重要
Network 		Prepopulate project - Drupal 用 Prepopulate モジュールの _prepopulate_request_walk 関数における特定のフィールドの型を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3188 2016-04-18 17:56 2016-03-2 Show GitHub Exploit DB Packet Storm
200007 7.3 重要
Network 		Prepopulate project - Drupal 用 Prepopulate モジュールにおける REQUEST スーパーグローバル変数の配列を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3187 2016-04-18 17:56 2016-03-2 Show GitHub Exploit DB Packet Storm
200008 7.5 重要
Network 		Apache Software Foundation - Apache Jetspeed の User Manager サービスにおけるユーザを追加される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2171 2016-04-18 17:37 2016-03-28 Show GitHub Exploit DB Packet Storm
200009 9.8 緊急
Network 		Apache Software Foundation - Apache OFBiz における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-2170 2016-04-18 17:37 2016-04-5 Show GitHub Exploit DB Packet Storm
200010 6.5 警告
Network 		Apache Software Foundation - Apache Qpid Proton の複数のクラスにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-2166 2016-04-18 17:37 2016-03-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
431 7.4 HIGH
Network 		- - @fastify/middie versions 9.3.1 and earlier are vulnerable to middleware bypass when the deprecated Fastify ignoreDuplicateSlashes option is enabled. The middleware path matching logic does not accoun… New CWE-436
 Interpretation Conflict 		CVE-2026-33804 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
432 - - - A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages—specifically those containing negative varints or dee… New CWE-20
 Improper Input Validation  		CVE-2026-6409 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
433 - - - A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a… New CWE-331
 Insufficient Entropy 		CVE-2026-2336 2026-04-18 00:17 2026-04-17 Show GitHub Exploit DB Packet Storm
434 5.4 MEDIUM
Network 		- - A vulnerability was found in prasathmani TinyFileManager up to 2.6. Affected is an unknown function of the file /filemanager.php of the component POST Parameter Handler. The manipulation of the argum… New CWE-22
Path Traversal 		CVE-2026-6496 2026-04-18 00:16 2026-04-18 Show GitHub Exploit DB Packet Storm
435 3.5 LOW
Network 		- - A flaw has been found in lukevella rallly up to 4.7.4. This affects an unknown function of the file apps/web/src/app/[locale]/(auth)/reset-password/components/reset-password-form.tsx of the component… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-6493 2026-04-18 00:16 2026-04-18 Show GitHub Exploit DB Packet Storm
436 7.3 HIGH
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php. New CWE-89
SQL Injection 		CVE-2026-37336 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
437 7.3 HIGH
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php. New CWE-89
SQL Injection 		CVE-2026-37337 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
438 9.4 CRITICAL
Network 		- - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_user.php. New CWE-89
SQL Injection 		CVE-2026-37338 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
439 - - - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_genre.php. New - CVE-2026-37339 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm
440 - - - SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/edit_music.php. New - CVE-2026-37340 2026-04-18 00:15 2026-04-17 Show GitHub Exploit DB Packet Storm