Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224931 7.5 危険 sipp - SIPp の call.cpp の get_remote_video_port_media 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1959 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
224932 4.3 警告 wikepage - Wikepage Opus の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1956 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
224933 4.3 警告 Toocharger - Martin BOUCHER MyBoard の rep.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1955 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
224934 7.5 危険 webcalendar - Web Calendar Pro の one_day.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1954 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
224935 6.8 警告 Realtek Semiconductor Corp - Windows Vista 上で稼動している Realtek HD Audio Codec Drivers RTKVHDA.sys などにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2008-1932 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
224936 6.8 警告 Realtek Semiconductor Corp - Windows Vista 上で稼動している Realtek HD Audio Codec Drivers RTKVHDA.sys および RTKVHDA64.sys におけるレジストリキーを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-1931 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
224937 7.5 危険 WordPress.org - WordPress のクッキー認証メソッドにおけるクッキーを偽造される脆弱性 CWE-287
不適切な認証 		CVE-2008-1930 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
224938 3.5 注意 The phpMyAdmin Project - phpMyAdmin における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2008-1924 2012-12-20 18:52 2008-04-22 Show GitHub Exploit DB Packet Storm
224939 10 危険 sarg - Sarg におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1922 2012-12-20 18:52 2008-05-13 Show GitHub Exploit DB Packet Storm
224940 7.5 危険 YourFreeWorld.com - YourFreeWorld Apartment Search Script の listtest.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1919 2012-12-20 18:52 2008-04-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1391 - - - The method "sock_recvfrom_into()" of "asyncio.ProacterEventLoop" (Windows only) was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer … CWE-787
 Out-of-bounds Write 		CVE-2026-3298 2026-04-22 06:16 2026-04-22 Show GitHub Exploit DB Packet Storm
1392 3.1 LOW
Network 		- - OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, `ExtractPluginFromImage()` in OpenBao's OCI plugin downloader extracts a plugin binary from a container ima… CWE-400
CWE-674
CWE-770
 Uncontrolled Resource Consumption
 Uncontrolled Recursion
 Allocation of Resources Without Limits or Throttling 		CVE-2026-39396 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1393 8.8 HIGH
Network 		- - In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs w… CWE-269
 Improper Privilege Management 		CVE-2026-29648 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1394 6.5 MEDIUM
Network 		- - In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabl… CWE-269
 Improper Privilege Management 		CVE-2026-29647 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1395 9.8 CRITICAL
Network 		- - In OpenXiangShan NEMU prior to 55295c4, when running with RVH (Hypervisor extension) enabled, a VS-mode guest write to the supervisor interrupt-enable CSR (sie) may be handled incorrectly and can inf… CWE-267
 Privilege Defined With Unsafe Actions 		CVE-2026-29646 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1396 7.1 HIGH
Local 		- - XiangShan (Open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) contains an improper exceptional-condition handling flaw in its CSR subsystem (N… CWE-703
 Improper Check or Handling of Exceptional Conditions 		CVE-2026-29643 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1397 7.8 HIGH
Local 		- - A local attacker who can execute privileged CSR operations (or can induce firmware to do so) performs carefully crafted reads/writes to menvcfg (e.g., csrrs in M-mode). On affected XiangShan versions… CWE-1244
 Internal Asset Exposed to Unsafe Debug Access Level or State 		CVE-2026-29642 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1398 5.3 MEDIUM
Local 		- - XiangShan (open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) has improper gating of its distributed CSR write-enable path, allowing illegal C… CWE-284
Improper Access Control 		CVE-2026-29644 2026-04-22 03:16 2026-04-22 Show GitHub Exploit DB Packet Storm
1399 4.5 MEDIUM
Network 		- - A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS… CWE-400
CWE-770
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-6060 2026-04-22 01:20 2026-04-21 Show GitHub Exploit DB Packet Storm
1400 4.7 MEDIUM
Local 		- - Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass… CWE-757
Algorithm Downgrade 		CVE-2026-6550 2026-04-22 01:20 2026-04-21 Show GitHub Exploit DB Packet Storm