Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
220021 8.5 危険 Huawei - Huawei Video Conference system 用の Huawei viewpoint VP9610 および VP9620 ユニットにおけるセッションをハイジャックされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2013-4629 2013-06-24 16:53 2013-05-13 Show GitHub Exploit DB Packet Storm
220022 3.5 注意 Huawei - Huawei Campus Switch デバイス上で稼働する複数の Huawei Quidway SPU ボードにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-4628 2013-06-24 16:52 2013-05-16 Show GitHub Exploit DB Packet Storm
220023 7.5 危険 Huawei - Huawei の AR ルータおよびスイッチ製品におけるセッションをハイジャックされる脆弱性 CWE-310
暗号の問題 		CVE-2012-6571 2013-06-24 16:50 2012-08-4 Show GitHub Exploit DB Packet Storm
220024 10 危険 Huawei - Huawei の AR ルータおよびスイッチ製品におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-6570 2013-06-24 16:50 2012-08-4 Show GitHub Exploit DB Packet Storm
220025 9.3 危険 Huawei - Huawei の AR ルータおよびスイッチ製品におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-6569 2013-06-24 16:49 2012-08-4 Show GitHub Exploit DB Packet Storm
220026 6.9 警告 Huawei - Huawei UTPS におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-6568 2013-06-24 16:42 2012-09-22 Show GitHub Exploit DB Packet Storm
220027 7.5 危険 Raphael Zschorsch - TYPO3 用 jQuery autocomplete for indexed_search における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-4634 2013-06-24 15:26 2013-06-3 Show GitHub Exploit DB Packet Storm
220028 4.3 警告 Catalin Florian Radut - Drupal 用 Zero Point テーマにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1905 2013-06-24 15:24 2013-03-27 Show GitHub Exploit DB Packet Storm
220029 2.1 注意 Jordan Starcher - Drupal 用 CurvyCorners モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1393 2013-06-24 15:20 2013-01-23 Show GitHub Exploit DB Packet Storm
220030 6.9 警告 Fabrice Bellard - Xen で使用される Qemu の qemu guest エージェントにおける特定のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-2007 2013-06-21 15:42 2013-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
341 - - - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the oldconfig parameter in the haproxy_section_save interface has an arbitrary file re… New CWE-22
Path Traversal 		CVE-2026-33077 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
342 6.4 MEDIUM
Network 		- - Xibo is an open source digital signage platform with a web content management system and Windows display player software. A stored Cross-Site Scripting (XSS) vulnerability in versions prior to 4.4.1 … New CWE-79
Cross-site Scripting 		CVE-2026-31953 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
343 4.9 MEDIUM
Network 		- - Xibo is an open source digital signage platform with a web content management system and Windows display player software. An authenticated Server-Side Request Forgery (SSRF) vulnerability in versions… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-31955 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
344 4.3 MEDIUM
Network 		- - Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to version 4.4.1, any authenticated user can manually construct a URL t… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-31956 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
345 - - - Kirby is an open-source content management system. Kirby's `Xml::value()` method has special handling for `<![CDATA[ ]]>` blocks. If the input value is already valid `CDATA`, it is not escaped a seco… New CWE-91
Blind XPath Injection 		CVE-2026-32870 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
346 - - - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 8.2.6.4 have a SQL injection vulnerability in the haproxy_section_save function in app/routes/… New CWE-89
SQL Injection 		CVE-2026-33078 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
347 4.2 MEDIUM
Network 		- - FreeRDP is a free implementation of the Remote Desktop Protocol. Versions prior to 3.25.0 have an off-by-one in the path traversal filter in `channels/drive/client/drive_file.c`. The `contains_dotdot… New CWE-193
 Off-by-one Error 		CVE-2026-40254 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
348 - - - Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, Kirby's user permissions control which user role is allowed to perform specific actions to content models in the … New CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2026-34587 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
349 - - - Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined … New CWE-863
 Incorrect Authorization 		CVE-2026-40099 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm
350 - - - Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined … New CWE-863
 Incorrect Authorization 		CVE-2026-41325 2026-04-24 23:50 2026-04-24 Show GitHub Exploit DB Packet Storm