Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201791 4.3 警告 OpenSSL Project
日立
IBM
オラクル		 - OpenSSL の s3_pkt.c 内の do_ssl3_write 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2014-0198 2015-12-17 17:37 2014-04-21 Show GitHub Exploit DB Packet Storm
201792 6.8 警告 IBM
アップル
富士通
OpenSSL Project
オラクル
日立
Fedora Project
レッドハット		 - OpenSSL の d1_both.c の dtls1_reassemble_fragment 関数における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-0195 2015-12-17 17:37 2014-06-5 Show GitHub Exploit DB Packet Storm
201793 4 警告 OpenSSL Project
日立
IBM
オラクル		 - OpenSSL の s3_pkt.c の ssl3_read_bytes 関数におけるセッション間でデータを挿入される脆弱性 CWE-362
競合状態 		CVE-2010-5298 2015-12-17 17:37 2010-02-8 Show GitHub Exploit DB Packet Storm
201794 6.5 警告 The Cacti Group - Cacti の graphs_new.php の host_new_graphs_save 関数における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-8377 2015-12-17 16:51 2015-12-13 Show GitHub Exploit DB Packet Storm
201795 6.8 警告 Schneider Electric - Schneider Electric ProClima の F1 Bookview の F1BookView ActiveX コントロールにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-8561 2015-12-17 15:57 2015-11-25 Show GitHub Exploit DB Packet Storm
201796 6.8 警告 Schneider Electric - Schneider Electric ProClima の F1 Bookview の F1BookView ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-7918 2015-12-17 15:57 2015-11-25 Show GitHub Exploit DB Packet Storm
201797 4 警告 IBM - IBM WebSphere Application Server の Edge Component Caching Proxy における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-5004 2015-12-17 15:47 2015-12-11 Show GitHub Exploit DB Packet Storm
201798 7.4 危険 Lepide Software Private Limited - Lepide Active Directory Self Service のパスワードリセット機能における任意のドメインユーザパスワードを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-8570 2015-12-17 14:53 2015-12-8 Show GitHub Exploit DB Packet Storm
201799 6.8 警告 Mozilla Foundation - Mozilla Firefox の libstagefright の MetaData.cpp の Metadata::setData 関数における整数アンダーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2015-7222 2015-12-17 14:27 2015-12-15 Show GitHub Exploit DB Packet Storm
201800 10 危険 Mozilla Foundation - Mozilla Firefox の xpcom/glue/nsDeque.cpp の nsDeque::GrowCapacity 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-7221 2015-12-17 14:27 2015-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191 4.3 MEDIUM
Network 		- - The asset dependency graph did not restrict nodes by the viewer's DAG read permissions: a user with read access to at least one DAG could browse the asset graph for any other asset in the deployment … New CWE-1220
 Insufficient Granularity of Access Control 		CVE-2026-40690 2026-04-25 02:16 2026-04-24 Show GitHub Exploit DB Packet Storm
192 4.3 MEDIUM
Network 		- - The authenticated /ui/dags endpoint did not enforce per-DAG access control on embedded Human-in-the-Loop (HITL) and TaskInstance records: a logged-in Airflow user with read access to at least one DAG… New CWE-1220
 Insufficient Granularity of Access Control 		CVE-2026-38743 2026-04-25 02:16 2026-04-24 Show GitHub Exploit DB Packet Storm
193 - - - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the /config/ < service > /find-in-config endpoint in Roxy-WI fails to sanitize the use… New CWE-78
OS Command  		CVE-2026-33208 2026-04-25 02:16 2026-04-24 Show GitHub Exploit DB Packet Storm
194 6.3 MEDIUM
Network 		- - Deserialization of Untrusted Data vulnerability in Apache DolphinScheduler RPC module. This issue affects Apache DolphinScheduler:  Version >= 3.2.0 and < 3.3.1. Attackers who can access the Maste… New CWE-502
 Deserialization of Untrusted Data 		CVE-2025-62233 2026-04-25 02:16 2026-04-24 Show GitHub Exploit DB Packet Storm
195 6.5 MEDIUM
Network 		nimiq nimiq_proof-of-stake nimiq-transaction provides the transaction primitive to be used in Nimiq's Rust implementation. Prior to version 1.3.0, `HistoryTreeProof::verify` panics on a malformed proof where `history.len() != … New CWE-617
 Reachable Assertion 		CVE-2026-34067 2026-04-25 02:12 2026-04-23 Show GitHub Exploit DB Packet Storm
196 5.3 MEDIUM
Network 		nimiq nimiq_proof-of-stake nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version 1.3.0, `HistoryStore::put_historic_txns` uses an `assert!` to enforce invariants about `HistoricTr… New CWE-20
CWE-617
CWE-754
 Improper Input Validation 
 Reachable Assertion
 Improper Check for Unusual or Exceptional Conditions 		CVE-2026-34066 2026-04-25 02:12 2026-04-23 Show GitHub Exploit DB Packet Storm
197 7.5 HIGH
Network 		nimiq nimiq_proof-of-stake nimiq-primitives contains primitives (e.g., block, account, transaction) to be used in Nimiq's Rust implementation. Prior to version 1.3.0, an untrusted p2p peer can cause a node to panic by announci… New CWE-252
CWE-755
 Unchecked Return Value
 Improper Handling of Exceptional Conditions 		CVE-2026-34065 2026-04-25 02:12 2026-04-23 Show GitHub Exploit DB Packet Storm
198 8.2 HIGH
Network 		nimiq nimiq_proof-of-stake nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, `VestingContract::can_change_balance` returns `AccountError::InsufficientFunds` when `new_… New CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2026-34064 2026-04-25 02:12 2026-04-23 Show GitHub Exploit DB Packet Storm
199 7.5 HIGH
Network 		nimiq nimiq_proof-of-stake Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, `network-libp2p` discovery uses a libp2p `ConnectionHandler` state machine. the handler assumes there… New CWE-617
 Reachable Assertion 		CVE-2026-34063 2026-04-25 02:12 2026-04-23 Show GitHub Exploit DB Packet Storm
200 5.3 MEDIUM
Network 		nimiq nimiq_proof-of-stake nimiq-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, `MessageCodec::read_request` and `read_response` call `read_to_end()` on inbound substreams, so a remote peer c… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-34062 2026-04-25 02:11 2026-04-23 Show GitHub Exploit DB Packet Storm