Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200021 8.1 重要
Network 		Huawei - Huawei Policy Center のソフトウェアにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-3675 2016-04-18 17:08 2016-03-25 Show GitHub Exploit DB Packet Storm
200022 8.8 重要
Network 		Huawei - Huawei Policy Center のソフトウェアにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2405 2016-04-18 17:08 2016-02-17 Show GitHub Exploit DB Packet Storm
200023 5.5 警告
Local 		Huawei - Huawei P8 スマートフォンのソフトウェアのグラフィックドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-1496 2016-04-18 17:08 2016-01-13 Show GitHub Exploit DB Packet Storm
200024 7.8 重要
Local 		Huawei - Huawei Mate S スマートフォンのソフトウェアのグラフィックドライバにおける整数オーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-1495 2016-04-18 17:08 2016-02-3 Show GitHub Exploit DB Packet Storm
200025 5.5 警告
Local 		Huawei - Huawei Sophia-L10 スマートフォンのソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-8305 2016-04-18 17:08 2015-11-20 Show GitHub Exploit DB Packet Storm
200026 7.8 重要
Local 		Huawei - Huawei P7 フォンのソフトウェアにおける整数オーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-8304 2016-04-18 17:08 2015-11-20 Show GitHub Exploit DB Packet Storm
200027 9.8 緊急
Network 		Debian
Kamailio		 - Kamailio の SEAS モジュールの encode_msg.c におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-2385 2016-04-18 16:53 2016-03-3 Show GitHub Exploit DB Packet Storm
200028 9.8 緊急
Network 		SPIP
Debian		 - SPIP の ecrire/inc/filtres.php の encoder_contexte_ajax 関数における PHP オブジェクトインジェクション攻撃を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2016-3154 2016-04-18 16:22 2016-03-10 Show GitHub Exploit DB Packet Storm
200029 9.8 緊急
Network 		SPIP
Debian		 - SPIP における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2016-3153 2016-04-18 16:22 2016-03-10 Show GitHub Exploit DB Packet Storm
200030 7.5 重要
Network 		アドビシステムズ - Adobe RoboHelp Server における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-1035 2016-04-18 16:14 2016-04-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 17, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311 6.5 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.25 contains a pre-authentication rate-limit bypass vulnerability in webhook token validation that allows attackers to brute-force weak webhook secrets. The vulnerability exists… New CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2026-35646 2026-04-16 03:52 2026-04-10 Show GitHub Exploit DB Packet Storm
312 7.1 HIGH
Local 		nomachine nomachine NoMachine External Control of File Path Arbitrary File Deletion Vulnerability. This vulnerability allows local attackers to delete arbitrary files on affected installations of NoMachine. An attacker … New CWE-73
 External Control of File Name or Path 		CVE-2026-5053 2026-04-16 03:43 2026-04-11 Show GitHub Exploit DB Packet Storm
313 7.5 HIGH
Network 		svelte kit SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.57.1, under certain circumstances, requests could bypass the BODY_SIZE_LIMIT on SvelteKit … New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-40073 2026-04-16 03:43 2026-04-11 Show GitHub Exploit DB Packet Storm
314 7.8 HIGH
Local 		nomachine nomachine NoMachine External Control of File Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker … New CWE-73
 External Control of File Name or Path 		CVE-2026-5054 2026-04-16 03:42 2026-04-11 Show GitHub Exploit DB Packet Storm
315 7.8 HIGH
Local 		nomachine nomachine NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attac… New CWE-427
 Uncontrolled Search Path Element 		CVE-2026-5055 2026-04-16 03:41 2026-04-11 Show GitHub Exploit DB Packet Storm
316 5.4 MEDIUM
Network 		futo immich immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting (XSS) in the 360° panorama viewer allows any authenticated user to execute a… New CWE-79
Cross-site Scripting 		CVE-2026-35455 2026-04-16 03:38 2026-04-9 Show GitHub Exploit DB Packet Storm
317 8.6 HIGH
Local 		adobe framemaker Adobe Framemaker versions 2022.8 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the app… New CWE-426
 Untrusted Search Path 		CVE-2026-27290 2026-04-16 03:32 2026-04-15 Show GitHub Exploit DB Packet Storm
318 7.8 HIGH
Local 		adobe bridge Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of… New CWE-122
Heap-based Buffer Overflow 		CVE-2026-34630 2026-04-16 03:20 2026-04-15 Show GitHub Exploit DB Packet Storm
319 8.0 HIGH
Network 		- - Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user's current ACL token. This allows an authenticated GUI user with acces… New CWE-863
 Incorrect Authorization 		CVE-2026-6290 2026-04-16 03:17 2026-04-16 Show GitHub Exploit DB Packet Storm
320 - - - The "profiling.sampling" module (Python 3.15+) and "asyncio introspection capabilities" (3.14+, "python -m asyncio ps" and "python -m asyncio pstree") features could be used to read and write address… New CWE-121
CWE-125
Stack-based Buffer Overflow
Out-of-bounds Read 		CVE-2026-5713 2026-04-16 03:17 2026-04-15 Show GitHub Exploit DB Packet Storm