Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
219661 6.4 警告 IBM - IBM API Management におけるテナント API へアクセスされる脆弱性 CWE-noinfo
情報不足 		CVE-2013-0559 2013-07-22 16:33 2013-07-10 Show GitHub Exploit DB Packet Storm
219662 7.2 危険 IBM - IBM AIX および VIOS の InfiniBand サブシステムにおける権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2013-4011 2013-07-22 16:32 2013-06-3 Show GitHub Exploit DB Packet Storm
219663 10 危険 シーメンス - Siemens Enterprise OpenScape Branch および OpenScape Session Border Controller における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2013-4781 2013-07-22 16:31 2012-09-14 Show GitHub Exploit DB Packet Storm
219664 7.8 危険 シーメンス - Siemens Enterprise OpenScape Branch および OpenScape Session Border Controller における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2013-4780 2013-07-22 16:31 2012-09-14 Show GitHub Exploit DB Packet Storm
219665 4.3 警告 シーメンス - Siemens Enterprise OpenScape Branch および OpenScape Session Border Controller におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4779 2013-07-22 16:29 2012-09-14 Show GitHub Exploit DB Packet Storm
219666 7.8 危険 シーメンス - Siemens Enterprise OpenScape Branch および OpenScape Session Border Controller における重要なサーバおよび統計情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-4778 2013-07-22 16:29 2012-09-14 Show GitHub Exploit DB Packet Storm
219667 5 警告 シスコシステムズ - Cisco IOS の GET VPN 機能のデフォルト設定における暗号化ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-3436 2013-07-22 16:25 2013-07-19 Show GitHub Exploit DB Packet Storm
219668 4.3 警告 DELL EMC (旧 EMC Corporation) - Data Store Gen プラットフォーム上で稼働する EMC Avamar Server および Avamar Virtual Edition における重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-3275 2013-07-22 16:23 2013-07-17 Show GitHub Exploit DB Packet Storm
219669 9 危険 DELL EMC (旧 EMC Corporation) - Data Store Gen プラットフォーム上で稼働する EMC Avamar Server および Avamar Virtual Edition における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-3274 2013-07-22 16:22 2013-07-17 Show GitHub Exploit DB Packet Storm
219670 2.6 注意 Verizon - Verizon Wireless Network Extender における ESN および MIN 値を取得される脆弱性 CWE-287
不適切な認証 		CVE-2013-4877 2013-07-22 16:20 2013-07-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
841 4.3 MEDIUM
Network 		- - Missing Authorization vulnerability in Navneil Naicker ACF Galerie 4 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ACF Galerie 4: from n/a through 1.4.2. New CWE-862
 Missing Authorization 		CVE-2025-62104 2026-04-23 23:28 2026-04-23 Show GitHub Exploit DB Packet Storm
842 6.5 MEDIUM
Network 		- - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rescue Themes Rescue Shortcodes allows Stored XSS.This issue affects Rescue Shortcodes: from n/a … New CWE-79
Cross-site Scripting 		CVE-2025-62110 2026-04-23 23:28 2026-04-23 Show GitHub Exploit DB Packet Storm
843 6.5 MEDIUM
Network 		- - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magepeople inc. Taxi Booking Manager for WooCommerce allows Stored XSS.This issue affects Taxi Bo… New CWE-79
Cross-site Scripting 		CVE-2026-28040 2026-04-23 23:28 2026-04-23 Show GitHub Exploit DB Packet Storm
844 9.9 CRITICAL
Network 		- - Improper Control of Generation of Code ('Code Injection') vulnerability in Funnelforms LLC FunnelFormsPro allows Remote Code Inclusion.This issue affects FunnelFormsPro: from n/a through 3.8.1. New CWE-94
Code Injection 		CVE-2026-39440 2026-04-23 23:28 2026-04-23 Show GitHub Exploit DB Packet Storm
845 7.1 HIGH
Network 		connectwise automate ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications could occur wi… Update CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-6066 2026-04-23 23:18 2026-04-21 Show GitHub Exploit DB Packet Storm
846 7.3 HIGH
Network 		fortra goanywhere_managed_file_transfer The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MFT prior to 7.10.0 if the Web User attempting to be logged in to is configured to log in with an SSH Key, making the SSH ke… New CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2025-14362 2026-04-23 23:16 2026-04-22 Show GitHub Exploit DB Packet Storm
847 7.8 HIGH
Local 		- - Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.12 and before allows a local attacker to execute arbitrary code via a crafted file Update CWE-277
 Insecure Inherited Permissions 		CVE-2026-30266 2026-04-23 23:16 2026-04-21 Show GitHub Exploit DB Packet Storm
848 4.9 MEDIUM
Network 		fortra goanywhere_agents
goanywhere_managed_file_transfer 		Encrypted values in Fortra's GoAnywhere MFT prior to version 7.10.0 and GoAnywhere Agents prior to version 2.2.0 utilize a static IV which allows admin users to brute-force decryption of data. New CWE-326
Inadequate Encryption Strength 		CVE-2025-1241 2026-04-23 23:12 2026-04-22 Show GitHub Exploit DB Packet Storm
849 7.5 HIGH
Network 		vexa vexa Vexa is an open-source, self-hostable meeting bot API and meeting transcription API. Prior to 0.10.0-260419-1910, the Vexa transcription-collector service exposes an internal endpoint `GET /internal/… Update CWE-306
CWE-862
Missing Authentication for Critical Function
 Missing Authorization 		CVE-2026-25058 2026-04-23 23:11 2026-04-21 Show GitHub Exploit DB Packet Storm
850 5.8 MEDIUM
Network 		vexa vexa Vexa is an open-source, self-hostable meeting bot API and meeting transcription API. Prior to 0.10.0-260419-1910, the Vexa webhook feature allows authenticated users to configure an arbitrary URL tha… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-25883 2026-04-23 23:10 2026-04-21 Show GitHub Exploit DB Packet Storm