Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224261	10	危険	tguzip	-	TUGzip におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-4779	2012-12-20 18:52	2008-10-29	Show	GitHub Exploit DB Packet Storm

224262	4.3	警告	Wojtek Kaniewski	-	libgadu におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2008-4776	2012-12-20 18:52	2008-10-24	Show	GitHub Exploit DB Packet Storm

224263	2.6	注意	The phpMyAdmin Project	-	phpMyAdmin の pmd_pdf.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4775	2012-12-20 18:52	2008-10-28	Show	GitHub Exploit DB Packet Storm

224264	4.3	警告	questwork	-	QuestCMS の main/main.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4774	2012-12-20 18:52	2008-10-28	Show	GitHub Exploit DB Packet Storm

224265	5	警告	questwork	-	QuestCMS の main/main.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-4773	2012-12-20 18:52	2008-10-28	Show	GitHub Exploit DB Packet Storm

224266	7.5	危険	questwork	-	QuestCMS の main/main.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4772	2012-12-20 18:52	2008-10-28	Show	GitHub Exploit DB Packet Storm

224267	9.3	危険	WordPress.org	-	WordPress の wp-includes/theme.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-4769	2012-12-20 18:52	2008-04-2	Show	GitHub Exploit DB Packet Storm

224268	7.5	危険	tlm cms	-	TLM CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4768	2012-12-20 18:52	2008-10-28	Show	GitHub Exploit DB Packet Storm

224269	9	危険	PHPNUKE	-	PHP-Nuke の DownloadsPlus モジュールにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-4767	2012-12-20 18:52	2008-10-28	Show	GitHub Exploit DB Packet Storm

224270	4.3	警告	wikidsystems	-	WiKID wClient-PHP の sample.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4763	2012-12-20 18:52	2008-10-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2571	5.5	MEDIUM Local	ibm	tivoli_netcool\/impact	IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2026-4788	2026-04-15 06:29	2026-04-8	Show	GitHub Exploit DB Packet Storm

2572	8.8	HIGH Network	langflow	langflow	IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the system, caused by an insecure default setting which permits the deserialization of…	CWE-502 Deserialization of Untrusted Data	CVE-2026-3357	2026-04-15 06:28	2026-04-8	Show	GitHub Exploit DB Packet Storm

2573	7.5	HIGH Network	huawei	harmonyos emui	Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.	CWE-275 Permission Issues	CVE-2026-28553	2026-04-15 06:16	2026-04-13	Show	GitHub Exploit DB Packet Storm

2574	9.6	CRITICAL Network	hpe	aruba_networking_private_5g_core	A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Private 5G Core On-Prem that could allow an attacker to abuse an open redirect vulnerability in the l…	CWE-601 Open Redirect	CVE-2026-23818	2026-04-15 06:15	2026-04-7	Show	GitHub Exploit DB Packet Storm

2575	8.8	HIGH Network	aster-te	terrapack_tkservercgi terrapack_tkwebcoreng terrapack_tpkwebgis	The Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may allow attackers to execute arbitrary code. Vulnerable compon…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2025-67260	2026-04-15 05:54	2026-03-21	Show	GitHub Exploit DB Packet Storm

2576	8.8	HIGH Network	aster-te	terrapack_tkservercgi terrapack_tkwebcoreng terrapack_tpkwebgis	El software Terrapack, de ASTER TEC / ASTER S.p.A., con los componentes y versiones indicados tiene una vulnerabilidad de carga de archivos que puede permitir a los atacantes ejecutar código arbitrar…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2025-67260	2026-04-15 05:54	2026-03-21	Show	GitHub Exploit DB Packet Storm

2577	9.8	CRITICAL Network	anolis	sysak	SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd.	CWE-94 Code Injection	CVE-2024-44722	2026-04-15 05:48	2026-03-20	Show	GitHub Exploit DB Packet Storm

2578	9.8	CRITICAL Network	anolis	sysak	SysAK v2.0 y versiones anteriores son vulnerables a la ejecución de comandos a través de «aaa;cat /etc /passwd».	CWE-94 Code Injection	CVE-2024-44722	2026-04-15 05:48	2026-03-20	Show	GitHub Exploit DB Packet Storm

2579	7.5	HIGH Network	microsoft	.net	ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorre…	CWE-400 Uncontrolled Resource Consumption	CVE-2026-25667	2026-04-15 05:47	2026-03-20	Show	GitHub Exploit DB Packet Storm

2580	7.5	HIGH Network	microsoft	.net	ASP.NET Core Kestrel en Microsoft .NET 8.0 antes de 8.0.22 y .NET 9.0 antes de 9.0.11 permite a un atacante remoto causar un consumo excesivo de CPU mediante el envío de un paquete QUIC manipulado, d…	CWE-400 Uncontrolled Resource Consumption	CVE-2026-25667	2026-04-15 05:47	2026-03-20	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed