Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224541 4.9 警告 サン・マイクロシステムズ - Sun Netra T5220 Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2008-3548 2012-12-20 18:52 2008-08-4 Show GitHub Exploit DB Packet Storm
224542 4.7 警告 レッドハット - Fedora などの Linux 上で稼動している initscripts の rc.sysinit における任意のファイルを削除される脆弱性 CWE-59
リンク解釈の問題 		CVE-2008-3524 2012-12-20 18:52 2008-09-25 Show GitHub Exploit DB Packet Storm
224543 4.3 警告 レッドハット - Red Hat JBoss Enterprise Application Platform の JBossAs コンポーネントにおける重要な情報を取得される脆弱性 CWE-16
環境設定 		CVE-2008-3519 2012-12-20 18:52 2008-09-22 Show GitHub Exploit DB Packet Storm
224544 4.3 警告 softbiz - Softbiz Photo Gallery におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3511 2012-12-20 18:52 2008-08-7 Show GitHub Exploit DB Packet Storm
224545 5 警告 wogan may - LiteNews における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-3508 2012-12-20 18:52 2008-08-7 Show GitHub Exploit DB Packet Storm
224546 7.5 危険 wogan may - LiteNews の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3507 2012-12-20 18:52 2008-08-7 Show GitHub Exploit DB Packet Storm
224547 7.5 危険 polypager - PolyPager における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3506 2012-12-20 18:52 2008-08-6 Show GitHub Exploit DB Packet Storm
224548 4.3 警告 polypager - PolyPager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3505 2012-12-20 18:52 2008-08-6 Show GitHub Exploit DB Packet Storm
224549 5 警告 webgui - Plain Black WebGUI の RSSFromParent における重要な情報を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-3503 2012-12-20 18:52 2008-06-20 Show GitHub Exploit DB Packet Storm
224550 5 警告 RealVNC - RealVNC Windows Client の vncviewer.exe におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-3493 2012-12-20 18:52 2008-08-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1831 9.1 CRITICAL
Network 		qnap media_streaming_add-on A buffer overflow vulnerability has been reported to affect Media Streaming Add-On. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed… CWE-121
Stack-based Buffer Overflow 		CVE-2025-59383 2026-04-14 10:17 2026-03-21 Show GitHub Exploit DB Packet Storm
1832 9.1 CRITICAL
Network 		qnap media_streaming_add-on Se ha informado de una vulnerabilidad de desbordamiento de búfer que afecta a Media Streaming Add-On. Los atacantes remotos pueden entonces explotar la vulnerabilidad para modificar la memoria o bloq… CWE-121
Stack-based Buffer Overflow 		CVE-2025-59383 2026-04-14 10:17 2026-03-21 Show GitHub Exploit DB Packet Storm
1833 7.5 HIGH
Network 		digitalbazaar forge Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, Ed25519 signature verification accepts forged non-canonical signatures w… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-33895 2026-04-14 10:14 2026-03-28 Show GitHub Exploit DB Packet Storm
1834 9.1 CRITICAL
Network 		digitalbazaar forge Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, `pki.verifyCertificateChain()` does not enforce RFC 5280 basicConstraint… CWE-295
Improper Certificate Validation  		CVE-2026-33896 2026-04-14 10:13 2026-03-28 Show GitHub Exploit DB Packet Storm
1835 9.8 CRITICAL
Network 		openfga openfga OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. In versions prior to 1.13.1, under specific conditions, models using c… CWE-20
CWE-345
CWE-1289
 Improper Input Validation 
 Insufficient Verification of Data Authenticity
 Improper Validation of Unsafe Equivalence in Input 		CVE-2026-33729 2026-04-14 10:04 2026-03-27 Show GitHub Exploit DB Packet Storm
1836 9.8 CRITICAL
Network 		openfga openfga OpenFGA es un motor de autorización/permisos de alto rendimiento y flexible, construido para desarrolladores e inspirado en Google Zanzibar. En versiones anteriores a la 1.13.1, bajo condiciones espe… CWE-20
CWE-345
CWE-1289
 Improper Input Validation 
 Insufficient Verification of Data Authenticity
 Improper Validation of Unsafe Equivalence in Input 		CVE-2026-33729 2026-04-14 10:04 2026-03-27 Show GitHub Exploit DB Packet Storm
1837 4.3 MEDIUM
Network 		grafana grafana A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allows users with Editor role to modify protected webhook URLs without the requ… CWE-285
Improper Authorization 		CVE-2026-21724 2026-04-14 10:00 2026-03-27 Show GitHub Exploit DB Packet Storm
1838 4.3 MEDIUM
Network 		grafana grafana Se ha descubierto una vulnerabilidad en Grafana OSS donde una omisión de autorización en la API de puntos de contacto de aprovisionamiento permite a los usuarios con rol de Editor modificar URLs de w… CWE-285
Improper Authorization 		CVE-2026-21724 2026-04-14 10:00 2026-03-27 Show GitHub Exploit DB Packet Storm
1839 7.5 HIGH
Network 		libjxl_project libjxl A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data… CWE-805
CWE-770
 Buffer Access with Incorrect Length Value
 Allocation of Resources Without Limits or Throttling 		CVE-2026-1837 2026-04-14 09:51 2026-02-12 Show GitHub Exploit DB Packet Storm
1840 7.5 HIGH
Network 		libjxl_project libjxl Un archivo especialmente diseñado puede provocar que el decodificador de libjxl escriba datos de píxeles en memoria no asignada no inicializada. Poco después, datos de otra región no asignada no inic… CWE-805
CWE-770
 Buffer Access with Incorrect Length Value
 Allocation of Resources Without Limits or Throttling 		CVE-2026-1837 2026-04-14 09:51 2026-02-12 Show GitHub Exploit DB Packet Storm