Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
200231 7.5 危険 アップル
PNG Development Group		 - libpng の pngrutil.c 内の png_read_IDAT_data 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-0973 2016-03-29 15:40 2015-01-9 Show GitHub Exploit DB Packet Storm
200232 10 危険 アップル
PNG Development Group		 - libpng の png_combine_row 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-9495 2016-03-29 15:40 2014-12-22 Show GitHub Exploit DB Packet Storm
200233 4.7 警告
Network 		Huseyin Berberoglu - WordPress 用プラグイン WP Favorite Posts におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-1160 2016-03-29 15:39 2016-03-24 Show GitHub Exploit DB Packet Storm
200234 4 警告 アップル
Apache Software Foundation		 - Apache Subversion の svn_repos_trace_node_locations 関数における重要なパス情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-3187 2016-03-29 15:39 2015-08-7 Show GitHub Exploit DB Packet Storm
200235 5 警告 アップル
Apache Software Foundation		 - Apache Subversion の mod_authz_svn における隠しファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2015-3184 2016-03-29 15:39 2015-08-7 Show GitHub Exploit DB Packet Storm
200236 2.9 注意 Belden Inc. - Hirschmann Classic Platform スイッチの管理者パスワードが SNMP コミュニティ名を通じて漏えいする問題 CWE-200
CWE-Other
CVE-2016-2509 2016-03-29 15:14 2016-02-16 Show GitHub Exploit DB Packet Storm
200237 7.5 危険 pcre.org - PCRE の pcre_jit_compile.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2014-9769 2016-03-29 15:05 2014-04-25 Show GitHub Exploit DB Packet Storm
200238 3.5 注意 VMware - Linux 上で稼動する VMware vRealize Business Advanced および Enterprise におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-2075 2016-03-29 12:06 2016-03-15 Show GitHub Exploit DB Packet Storm
200239 7.8 危険 シスコシステムズ - Cisco IOS および NX-OS の Locator/ID Separation Protocol の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
CWE-399
CVE-2016-1351 2016-03-29 11:59 2016-03-23 Show GitHub Exploit DB Packet Storm
200240 7.8 危険 シスコシステムズ - Cisco IOS および Unified Communications Manager におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-1350 2016-03-29 11:59 2016-03-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 19, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311 - - - Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). Non-constant time comparisons risk private key leakage in FrodoKEM. This issue affects BC… New CWE-385
 Covert Timing Channel 		CVE-2026-5598 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
312 7.5 HIGH
Network 		- - An issue in the file handling logic of the component download.php of SAC-NFe v2.0.02 allows attackers to execute a directory traversal and read arbitrary files from the system via a crafted GET reque… New CWE-22
Path Traversal 		CVE-2026-30996 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
313 7.4 HIGH
Network 		- - Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by trick… New CWE-200
Information Exposure 		CVE-2026-32631 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
314 3.1 LOW
Network 		- - Weblate is a web based localization tool. In versions prior to 5.17, the tasks API didn't verify user access for pending tasks. This could expose logs of in-progress operations to users who don't hav… New CWE-284
Improper Access Control 		CVE-2026-33212 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
315 4.3 MEDIUM
Network 		- - Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't enforce proper access control. This issue has been f… New CWE-862
 Missing Authorization 		CVE-2026-33214 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
316 8.0 HIGH
Network 		- - Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user's current ACL token. This allows an authenticated GUI user with acces… New CWE-863
 Incorrect Authorization 		CVE-2026-6290 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
317 6.8 MEDIUM
Network 		- - Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't perform proper access control. This issue has been f… New CWE-22
CWE-200
Path Traversal
Information Exposure 		CVE-2026-33220 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
318 8.0 HIGH
Network 		- - Weblate is a web based localization tool. In versions prior to 5.17, the project backup didn't filter Git and Mercurial configuration files which could lead to remote code execution under certain cir… New CWE-23
CWE-94
CWE-434
 Relative Path Traversal
Code Injection
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-33435 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
319 5.0 MEDIUM
Network 		- - Weblate is a web based localization tool. In versions prior to 5.17, the ALLOWED_ASSET_DOMAINS setting applied only to the first issued requests and didn't restrict possible redirects. This issue has… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-33440 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm
320 7.4 HIGH
Network 		- - OpenProject is an open-source project management application. In versions prior to 17.3.0, 2FA OTP verification in the confirm_otp action of the two_factor_authentication module has no rate limiting,… New CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2026-33667 2026-04-18 00:38 2026-04-16 Show GitHub Exploit DB Packet Storm