Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200101 8.1 重要
Network 		Drupal
Debian		 - Drupal の User モジュールにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3169 2016-04-15 10:44 2016-02-24 Show GitHub Exploit DB Packet Storm
200102 7.4 重要
Network 		Drupal
Debian		 - Drupal の drupal_goto 関数におけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2016-3167 2016-04-15 10:44 2016-02-24 Show GitHub Exploit DB Packet Storm
200103 5.9 警告
Network 		Drupal
Debian		 - Drupal の drupal_set_header 関数における CRLF インジェクションの脆弱性 CWE-Other
その他 		CVE-2016-3166 2016-04-15 10:44 2016-02-24 Show GitHub Exploit DB Packet Storm
200104 7.5 重要
Network 		Drupal - Drupal の Form API におけるアクセス制限を回避される脆弱性 CWE-Other
その他 		CVE-2016-3165 2016-04-15 10:44 2016-02-24 Show GitHub Exploit DB Packet Storm
200105 7.4 重要
Network 		Drupal
Debian		 - Drupal におけるオープンリダイレクト攻撃を実行される脆弱性 CWE-Other
その他 		CVE-2016-3164 2016-04-15 10:44 2016-02-24 Show GitHub Exploit DB Packet Storm
200106 6.1 警告
Network 		SilverStripe - SilverStripe CMS & Framework におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-8606 2016-04-14 17:48 2015-11-16 Show GitHub Exploit DB Packet Storm
200107 7.3 重要
Network 		Claws Mail - Claws Mail の codeconv.c の conv_euctojis 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-8708 2016-04-14 17:21 2015-12-21 Show GitHub Exploit DB Packet Storm
200108 6.1 警告
Network 		Atlassian - Atlassian Confluence におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-8398 2016-04-14 16:04 2015-11-16 Show GitHub Exploit DB Packet Storm
200109 6.1 警告
Network 		Apache Software Foundation - Apache Wicket の RadioGroup および CheckBoxMultipleChoice クラスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-7520 2016-04-14 16:03 2015-09-29 Show GitHub Exploit DB Packet Storm
200110 6.1 警告
Network 		Apache Software Foundation - Apache Wicket の org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-5347 2016-04-14 16:03 2015-11-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 20, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
611 7.2 HIGH
Network 		- - In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass New CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2026-33392 2026-04-18 00:13 2026-04-17 Show GitHub Exploit DB Packet Storm
612 5.0 MEDIUM
Local 		- - Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications access… New CWE-269
 Improper Privilege Management 		CVE-2026-40002 2026-04-18 00:13 2026-04-17 Show GitHub Exploit DB Packet Storm
613 - - - Insufficiently Protected Credentials vulnerability in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client reveals plaintext OAuth2 client secretDesktop client decodes the secret and uses the pl… New CWE-522
 Insufficiently Protected Credentials 		CVE-2025-15622 2026-04-18 00:13 2026-04-17 Show GitHub Exploit DB Packet Storm
614 - - - Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud… New CWE-359
CWE-497
 Exposure of Private Personal Information to an Unauthorized Actor
 Exposure of Sensitive System Information to an Unauthorized Control Sphere 		CVE-2025-15623 2026-04-18 00:13 2026-04-17 Show GitHub Exploit DB Packet Storm
615 - - - Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server.  In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, P… New CWE-256
Plaintext Storage of a Password  		CVE-2025-15624 2026-04-18 00:13 2026-04-17 Show GitHub Exploit DB Packet Storm
616 - - - Unauthenticated user is able to execute arbitrary SQL commands in Sparx Pro Cloud Server database in certain cases. New CWE-89
CWE-200
SQL Injection
Information Exposure 		CVE-2025-15625 2026-04-18 00:13 2026-04-17 Show GitHub Exploit DB Packet Storm
617 7.2 HIGH
Network 		- - An out-of-bounds write vulnerability [CWE-787] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow a remote privileged attack… Update CWE-787
 Out-of-bounds Write 		CVE-2026-40688 2026-04-18 00:12 2026-04-15 Show GitHub Exploit DB Packet Storm
618 2.4 LOW
Network 		- - An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may a… Update CWE-601
Open Redirect 		CVE-2026-21741 2026-04-18 00:11 2026-04-15 Show GitHub Exploit DB Packet Storm
619 5.7 MEDIUM
Network 		- - A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3… Update CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-21742 2026-04-18 00:11 2026-04-15 Show GitHub Exploit DB Packet Storm
620 6.0 MEDIUM
Local 		- - An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all… Update CWE-22
Path Traversal 		CVE-2025-68649 2026-04-18 00:11 2026-04-15 Show GitHub Exploit DB Packet Storm