Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225351 9.3 危険 pierreegougelet - Windows 上で稼動する GFL SDK の Pierre-emmanuel Gougelet XnView などにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0064 2012-12-20 18:34 2008-01-31 Show GitHub Exploit DB Packet Storm
225352 10 危険 トレンドマイクロ - Trend Micro ServerProtect の不特定のプロシージャにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0014 2012-12-20 18:34 2008-11-17 Show GitHub Exploit DB Packet Storm
225353 10 危険 トレンドマイクロ - Trend Micro ServerProtect の不特定のプロシージャにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0013 2012-12-20 18:34 2008-11-17 Show GitHub Exploit DB Packet Storm
225354 10 危険 トレンドマイクロ - Trend Micro ServerProtect の不特定のプロシージャにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0012 2012-12-20 18:34 2008-11-17 Show GitHub Exploit DB Packet Storm
225355 7.2 危険 PulseAudio - PulseAudio の pa_drop_root 関数における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0008 2012-12-20 18:34 2008-01-28 Show GitHub Exploit DB Packet Storm
225356 4.3 警告 xmb forum - XMB におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6728 2012-12-20 18:34 2009-07-5 Show GitHub Exploit DB Packet Storm
225357 10 危険 synce - SynCE (SynCE-dccm) の vdccm におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2007-6703 2012-12-20 18:34 2008-03-4 Show GitHub Exploit DB Packet Storm
225358 7.5 危険 Simple DirectMedia Layer - SDL_image の IMG_gif.c におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6697 2012-12-20 18:34 2008-02-1 Show GitHub Exploit DB Packet Storm
225359 2.1 注意 webcalendar - WebCalendar におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6696 2012-12-20 18:34 2008-02-1 Show GitHub Exploit DB Packet Storm
225360 5 警告 VideoLAN - VideoLAN VLC の RTSP モジュールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-6684 2012-12-20 18:34 2008-01-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
41 8.8 HIGH
Network 		- - Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR #165 allows remote authenticated users to escalate to … New CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-6912 2026-04-25 02:56 2026-04-25 Show GitHub Exploit DB Packet Storm
42 4.9 MEDIUM
Network 		- - Cross Site Scripting vulnerability in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to execute arbitrary code New CWE-79
Cross-site Scripting 		CVE-2026-31050 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
43 3.8 LOW
Network 		- - An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to cause a denial of service via the Client Balance component New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-31051 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
44 5.3 MEDIUM
Network 		- - An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to cause a denial of service via the Checkout Authentication Flow component New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-31052 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
45 4.0 MEDIUM
Local 		- - bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL. New CWE-306
Missing Authentication for Critical Function 		CVE-2026-42095 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
46 9.8 CRITICAL
Network 		- - BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2 administration module on network-accessible endpoints with default credentials that allows unauthenticated … New CWE-1188
CWE-1391
 Insecure Default Initialization of Resource
 Use of Weak Credentials 		CVE-2026-39920 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
47 6.1 MEDIUM
Network 		- - Mahara before 25.04.2 and 24.04.11 are vulnerable to displaying results that can trigger XSS via a malicious search query string. This occurs in the 'search site' feature when using the Elasticsearch… New CWE-79
Cross-site Scripting 		CVE-2025-61872 2026-04-25 02:54 2026-04-25 Show GitHub Exploit DB Packet Storm
48 4.7 MEDIUM
Network 		- - In Mahara before 24.04.10 and 25 before 25.04.1, an institution administrator or institution support administrator on a multi-tenanted site can masquerade as an institution member in an institution f… New CWE-284
Improper Access Control 		CVE-2025-59308 2026-04-25 02:54 2026-04-25 Show GitHub Exploit DB Packet Storm
49 - - - A client-side authorization flaw in Lightspeed Classroom v5.1.2.1763770643 allows unauthenticated attackers to impersonate users by bypassing integrity checks and abusing client-generated authorizati… New - CVE-2026-30368 2026-04-25 02:53 2026-04-25 Show GitHub Exploit DB Packet Storm
50 - - - In the Linux kernel, the following vulnerability has been resolved: smb: client: let send_done handle a completion without IB_SEND_SIGNALED With smbdirect_send_batch processing we likely have reque… New - CVE-2026-31534 2026-04-25 02:51 2026-04-25 Show GitHub Exploit DB Packet Storm