Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
214001 7.5 危険 ModSecurity - ModSecurity における任意のファイルを読まれる脆弱性 CWE-20
不適切な入力確認 		CVE-2013-1915 2014-08-11 16:42 2013-03-28 Show GitHub Exploit DB Packet Storm
214002 10 危険 Django Software Foundation
Canonical		 - Django の FilePathField などのモデルフィールドクラスにおける脆弱性 CWE-399
リソース管理の問題 		CVE-2014-0474 2014-08-11 16:32 2014-04-21 Show GitHub Exploit DB Packet Storm
214003 5 警告 Django Software Foundation
Canonical		 - Django のキャッシュフレームワークにおける CSRF 保護を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0473 2014-08-11 16:30 2014-04-21 Show GitHub Exploit DB Packet Storm
214004 7.2 危険 Linux - Google Chrome OS などの製品で使用される Linux Kernel における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2013-0913 2014-08-11 16:15 2013-03-18 Show GitHub Exploit DB Packet Storm
214005 4.3 警告 Ruby-lang.org
RubyGems
レッドハット		 - Ruby で使用される RubyGems の lib/rubygems/version.rb におけるサービス運用妨害 (DoS) の脆弱性 CWE-310
暗号の問題 		CVE-2013-4287 2014-08-11 16:03 2013-09-9 Show GitHub Exploit DB Packet Storm
214006 5.1 警告 Django Software Foundation
Canonical		 - Django の django.core.urlresolvers.reverse 関数における任意の Python モジュールをインポートされる脆弱性 CWE-94
コード・インジェクション 		CVE-2014-0472 2014-08-11 15:51 2014-04-21 Show GitHub Exploit DB Packet Storm
214007 2.1 注意 Puppet - Puppet および Puppet Enterprise で使用される Puppet Module Tool におけるモジュールを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4956 2014-08-11 15:50 2013-08-15 Show GitHub Exploit DB Packet Storm
214008 5.1 警告 Puppet - Puppet および Puppet Enterprise における任意の Ruby プログラムを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-4761 2014-08-11 15:49 2013-08-15 Show GitHub Exploit DB Packet Storm
214009 4.3 警告 Little CMS - Little CMS におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-4276 2014-08-11 15:41 2013-08-4 Show GitHub Exploit DB Packet Storm
214010 7.5 危険 xmlsoft.org - libxml2 におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-1969 2014-08-11 15:38 2013-02-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
81 7.3 HIGH
Network 		- - Memory safety bugs present in Firefox 150.0.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exp… New CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2026-7324 2026-04-29 01:16 2026-04-29 Show GitHub Exploit DB Packet Storm
82 7.5 HIGH
Network 		- - Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, and Firefox ESR 115.35.1. New CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2026-7320 2026-04-29 01:16 2026-04-29 Show GitHub Exploit DB Packet Storm
83 7.3 HIGH
Network 		- - The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write w… New CWE-787
 Out-of-bounds Write 		CVE-2026-5435 2026-04-29 01:16 2026-04-28 Show GitHub Exploit DB Packet Storm
84 - - - Cross-Site Scripting (XSS) vulnerability exists in FUEL CMS v1.5.2 and before within the asset upload functionality. The application fails to properly sanitize uploaded SVG files, allowing a low-priv… New - CVE-2026-38948 2026-04-29 01:16 2026-04-29 Show GitHub Exploit DB Packet Storm
85 - - - Authentication Bypass vulnerability exists in Netmaker versions prior to 1.5.0. The VerifyHostToken function in logic/jwts.go fails to validate the JWT signature when verifying host tokens. An attack… New - CVE-2026-38651 2026-04-29 01:16 2026-04-29 Show GitHub Exploit DB Packet Storm
86 9.8 CRITICAL
Network 		- - MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP service. After successful Digest authentication in an initial DESCRIBE request, … New CWE-287
Improper Authentication 		CVE-2026-35903 2026-04-29 01:16 2026-04-28 Show GitHub Exploit DB Packet Storm
87 7.5 HIGH
Network 		- - An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdirectories. New CWE-552
 Files or Directories Accessible to External Parties 		CVE-2025-69428 2026-04-29 01:16 2026-04-28 Show GitHub Exploit DB Packet Storm
88 7.5 HIGH
Network 		- - The Aranda File Server (AFS) component in Aranda Software Aranda Service Desk before 8.3.12 stores daily activity logs with predictable names in a publicly accessible directory, which allows unauthen… New CWE-377
CWE-532
 Insecure Temporary File
 Inclusion of Sensitive Information in Log Files 		CVE-2025-67223 2026-04-29 01:16 2026-04-29 Show GitHub Exploit DB Packet Storm
89 - - - Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts. New - CVE-2025-60889 2026-04-29 01:16 2026-04-29 Show GitHub Exploit DB Packet Storm
90 5.3 MEDIUM
Network 		- - An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Cl… New - CVE-2025-60887 2026-04-29 01:16 2026-04-29 Show GitHub Exploit DB Packet Storm