Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
211501	3.5	注意	FOG Project	-	FOG におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-3111	2014-10-28 10:58	2014-04-29	Show	GitHub Exploit DB Packet Storm

211502	6.5	警告	InterWorx	-	InterWorx Web Control Panel の xhr.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-2531	2014-10-28 10:47	2014-03-17	Show	GitHub Exploit DB Packet Storm

211503	4.3	警告	Splunk	-	Splunk におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8380	2014-10-28 10:39	2014-05-27	Show	GitHub Exploit DB Packet Storm

211504	4.3	警告	WebAsyst	-	Webasyst Shop-Script におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8377	2014-10-28 10:11	2014-08-12	Show	GitHub Exploit DB Packet Storm

211505	4.3	警告	Tenable, Inc.	-	Tenable Nessus 用 Web UI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-7280	2014-10-28 09:58	2014-06-13	Show	GitHub Exploit DB Packet Storm

211506	7.5	危険	Zoho Corporation	-	ZOHO ManageEngine Desktop Central におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-5006	2014-10-28 09:50	2014-08-31	Show	GitHub Exploit DB Packet Storm

211507	7.5	危険	Zoho Corporation	-	ZOHO ManageEngine Desktop Central におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-5005	2014-10-28 09:49	2014-08-31	Show	GitHub Exploit DB Packet Storm

211508	6.8	警告	MRBS	-	Drupal 用 MRBS モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-7407	2014-10-27 19:30	2013-07-17	Show	GitHub Exploit DB Packet Storm

211509	7.5	危険	MRBS	-	Drupal 用 MRBS モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-7406	2014-10-27 19:30	2013-07-17	Show	GitHub Exploit DB Packet Storm

211510	5	警告	Websupporter	-	WordPress 用 WP AmASIN - The Amazon Affiliate Shop プラグインの reviews.php における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-4577	2014-10-27 18:55	2014-03-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
231	9.8	CRITICAL Network	-	-	SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.	CWE-122 Heap-based Buffer Overflow	CVE-2026-32956	2026-04-20 13:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

232	8.8	HIGH Network	-	-	SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.	CWE-121 Stack-based Buffer Overflow	CVE-2026-32955	2026-04-20 13:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

233	2.7	LOW Network	-	-	A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of the file src/backend/base/langflow/api/utils/core.py of the component Flo…	CWE-255 CWE-256 Credentials Management Plaintext Storage of a Password	CVE-2026-6597	2026-04-20 12:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

234	7.3	HIGH Network	-	-	A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of the component …	CWE-284 CWE-434 Improper Access Control Unrestricted Upload of File with Dangerous Type	CVE-2026-6596	2026-04-20 12:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

235	7.3	HIGH Network	-	-	A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of t…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-6595	2026-04-20 12:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

236	7.3	HIGH Network	-	-	A vulnerability was determined in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the argument __proto__/constructor.prototype/prototype can lead to improperly co…	CWE-94 CWE-1321 Code Injection Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-6594	2026-04-20 11:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

237	3.5	LOW Network	-	-	A vulnerability was found in ComfyUI up to 0.13.0. Affected by this issue is some unknown functionality of the file server.py of the component View Endpoint. Performing a manipulation results in cros…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-6593	2026-04-20 11:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

238	3.5	LOW Network	-	-	A vulnerability has been found in ComfyUI up to 0.13.0. Affected by this vulnerability is the function getuserdata of the file app/user_manager.py of the component userdata Endpoint. Such manipulatio…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-6592	2026-04-20 11:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

239	4.3	MEDIUM Network	-	-	A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage Node. This manipulation of the argum…	CWE-22 Path Traversal	CVE-2026-6591	2026-04-20 10:16	2026-04-20	Show	GitHub Exploit DB Packet Storm

240	4.3	MEDIUM Network	-	-	A vulnerability was detected in ComfyUI up to 0.13.0. This impacts the function get_model_preview of the file app/model_manager.py of the component Model Preview Endpoint. The manipulation results in…	CWE-22 Path Traversal	CVE-2026-6590	2026-04-20 10:16	2026-04-20	Show	GitHub Exploit DB Packet Storm