Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
223691	7.5	危険	xigla	-	Xigla Software Absolute Live Support .NET における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6864	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

223692	7.5	危険	xigla	-	Xigla Software Absolute Form Processor .NET における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6863	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

223693	7.5	危険	xigla	-	Absolute Content Rotator における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6862	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

223694	7.5	危険	xigla	-	Xigla Software Absolute Newsletter における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6861	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

223695	7.5	危険	xigla	-	Xigla Software Absolute Poll Manager XE における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6860	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

223696	7.5	危険	xigla	-	Xigla Software Absolute Control Panel XE における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6859	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

223697	7.5	危険	xigla	-	Absolute Banner Manager .NET における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6858	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

223698	7.5	危険	xigla	-	Absolute Podcast .NET における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6857	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

223699	7.5	危険	xigla	-	Xigla Software Absolute News Manager.NET における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6856	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

223700	7.5	危険	xigla	-	Xigla Software Absolute News Feed における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2008-6855	2012-12-20 19:10	2009-07-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1731	4.3	MEDIUM Network	fka	prompts.chat	prompts.chat prior to commit 1464475 contains a blind server-side request forgery vulnerability in the Wiro media generator that allows authenticated users to perform server-side fetches of user-cont…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-22662	2026-04-14 03:18	2026-04-4	Show	GitHub Exploit DB Packet Storm

1732	8.8	HIGH Network	-	-	A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the file /goform/exeCommand. Performing a manipulation of the argument cmdinput results in stack-based …	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-6196	2026-04-14 03:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

1733	9.8	CRITICAL Network	-	-	A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handle…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-6195	2026-04-14 03:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

1734	8.8	HIGH Network	-	-	A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub_410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. T…	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-6194	2026-04-14 03:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

1735	4.3	MEDIUM Network	wwbn	avideo	WWBN AVideo is an open source video platform. Prior to version 26.0, the `listFiles.json.php` endpoint accepts a `path` POST parameter and passes it directly to `glob()` without restricting the path …	CWE-22 Path Traversal	CVE-2026-33238	2026-04-14 03:16	2026-03-21	Show	GitHub Exploit DB Packet Storm

1736	4.3	MEDIUM Network	wwbn	avideo	WWBN AVideo es una plataforma de video de código abierto. Antes de la versión 26.0, el endpoint 'listFiles.json.php' acepta un parámetro POST 'path' y lo pasa directamente a 'glob()' sin restringir l…	CWE-22 Path Traversal	CVE-2026-33238	2026-04-14 03:16	2026-03-21	Show	GitHub Exploit DB Packet Storm

1737	5.5	MEDIUM Network	wwbn	avideo	WWBN AVideo is an open source video platform. Prior to version 26.0, the Scheduler plugin's `run()` function in `plugin/Scheduler/Scheduler.php` calls `url_get_contents()` with an admin-configurable …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-33237	2026-04-14 03:16	2026-03-21	Show	GitHub Exploit DB Packet Storm

1738	5.5	MEDIUM Network	wwbn	avideo	WWBN AVideo es una plataforma de video de código abierto. Antes de la versión 26.0, la función 'run()' del plugin Scheduler en 'plugin/Scheduler/Scheduler.php' llama a 'url_get_contents()' con una 'c…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-33237	2026-04-14 03:16	2026-03-21	Show	GitHub Exploit DB Packet Storm

1739	3.1	LOW Network	-	-	A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML d…	CWE-843 Type Confusion	CVE-2025-11731	2026-04-14 03:16	2025-10-14	Show	GitHub Exploit DB Packet Storm

1740	3.3	LOW Local	samsung	android	External control of file name in AODManager prior to SMR Apr-2026 Release 1 allows privileged local attacker to create file with system privilege.	NVD-CWE-noinfo	CVE-2026-21012	2026-04-14 03:16	2026-04-13	Show	GitHub Exploit DB Packet Storm