Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219251 7.8 危険 シスコシステムズ - Cisco Prime Central for Hosted Collaboration Solution Assurance におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-3387 2013-08-27 14:26 2013-08-21 Show GitHub Exploit DB Packet Storm
219252 5.8 警告 Apache Software Foundation
レッドハット		 - Apache Qpid の Python クライアントにおける SSL サーバになりすまされる脆弱性 CWE-20
不適切な入力確認 		CVE-2013-1909 2013-08-27 12:25 2013-06-12 Show GitHub Exploit DB Packet Storm
219253 4.3 警告 Axel Jung - TYPO3 用 Javascript and CSS Optimizer エクステンションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5570 2013-08-26 15:31 2013-01-28 Show GitHub Exploit DB Packet Storm
219254 7.5 危険 Heiko Sudar - TYPO3 用 Slideshare エクステンションにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-5569 2013-08-26 15:31 2013-02-19 Show GitHub Exploit DB Packet Storm
219255 2.1 注意 Paul Maddern - Drupal 用 Imagemenu モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6583 2013-08-26 15:25 2012-09-19 Show GitHub Exploit DB Packet Storm
219256 2.1 注意 Simon Tatham - PuTTY におけるログインパスワードを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2011-4607 2013-08-26 14:02 2011-12-8 Show GitHub Exploit DB Packet Storm
219257 7.8 危険 シスコシステムズ - Cisco Unified Communications Manager および Cisco Unified Presence におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-3453 2013-08-26 13:53 2013-08-21 Show GitHub Exploit DB Packet Storm
219258 4 警告 IBM - IBM Optim Performance Manager および IBM InfoSphere Optim Performance Manager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-2979 2013-08-26 13:34 2013-08-20 Show GitHub Exploit DB Packet Storm
219259 2.6 注意 ヤフー株式会社 - ヤフオク! における SSL サーバ証明書の検証不備の脆弱性 CWE-Other
その他 		CVE-2013-4699 2013-08-23 18:43 2013-08-19 Show GitHub Exploit DB Packet Storm
219260 2.6 注意 ヤフー株式会社 - Android 版 Yahoo!ショッピングにおける SSL サーバ証明書の検証不備の脆弱性 CWE-Other
その他 		CVE-2013-4700 2013-08-23 18:41 2013-08-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 19, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
391 4.9 MEDIUM
Network 		- - Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox message at INFO level. Inbox… New CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-34164 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
392 - - - spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocat… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-35469 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
393 7.5 HIGH
Network 		- - ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into a fixed 1024-byte stack bu… New CWE-121
Stack-based Buffer Overflow 		CVE-2026-40170 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
394 - - - free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for creating or updating Traffic Influence Subscriptions checks whether th… New CWE-285
CWE-636
Improper Authorization
 Not Failing Securely ('Failing Open') 		CVE-2026-40248 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
395 8.1 HIGH
Network 		- - sagredo qmail before 2026.04.07 allows tls_quit remote code execution because of popen in notlshosts_auto in qmail-remote.c. New CWE-78
OS Command  		CVE-2026-41113 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
396 4.3 MEDIUM
Network 		- - Vision Helpdesk before 5.7.0 (patched in 5.6.10) allows attackers to read user profiles via modified serialized cookie data to vis_client_id. New CWE-425
 Direct Request ('Forced Browsing') 		CVE-2024-58343 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
397 8.5 HIGH
Network 		- - SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and prior, the /api/av/removeUnusedAttributeView endpoint constructs a filesystem path using the user-controlled id pa… New CWE-24
 Path Traversal: '../filedir' 		CVE-2026-40318 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
398 8.6 HIGH
Network 		- - Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions … New CWE-290
 Authentication Bypass by Spoofing 		CVE-2026-22734 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
399 - - - free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/pol… New CWE-636
CWE-754
 Not Failing Securely ('Failing Open')
 Improper Check for Unusual or Exceptional Conditions 		CVE-2026-40249 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm
400 - - - My Calendar is a WordPress plugin for managing calendar events. In versions 3.7.6 and below, the mc_ajax_mcjs_action AJAX endpoint, registered for unauthenticated users, passes user-supplied argument… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-40308 2026-04-18 00:38 2026-04-17 Show GitHub Exploit DB Packet Storm