Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226831 9.3 危険 x multimedia system - xmms における整数オーバーフローの脆弱性 - CVE-2007-0653 2012-12-20 18:19 2007-03-21 Show GitHub Exploit DB Packet Storm
226832 7.5 危険 rbl - Raymond BERTHOU script collection の tForum における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-0642 2012-12-20 18:19 2007-01-31 Show GitHub Exploit DB Packet Storm
226833 7.5 危険 shaffer solutions corp - SSC DiskAccess NFS Client の EnumPrintersA 関数におけるバッファオーバーフローの脆弱性 - CVE-2007-0641 2012-12-20 18:19 2007-01-31 Show GitHub Exploit DB Packet Storm
226834 10 危険 Zabbix - ZABBIX におけるバッファオーバーフローの脆弱性 - CVE-2007-0640 2012-12-20 18:19 2007-01-31 Show GitHub Exploit DB Packet Storm
226835 5 警告 vlad alexa mancini - Vlad Alexa Mancini PHPFootball の show.php における重要な情報を取得される脆弱性 - CVE-2007-0638 2012-12-20 18:19 2007-01-31 Show GitHub Exploit DB Packet Storm
226836 7.5 危険 t-systems solutions for research gmbh - MyNews の include/themes/themefunc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-0633 2012-12-20 18:19 2007-01-31 Show GitHub Exploit DB Packet Storm
226837 7.5 危険 x-dev - X-dev xNews の classes/class.news.php における SQL インジェクションの脆弱性 - CVE-2007-0630 2012-12-20 18:19 2007-01-31 Show GitHub Exploit DB Packet Storm
226838 6.4 警告 plain black - Plain Black WebGUI の www_purgeList メソッドにおける許可されていないアセットを削除される脆弱性 - CVE-2007-0629 2012-12-20 18:19 2007-01-31 Show GitHub Exploit DB Packet Storm
226839 4.3 警告 サン・マイクロシステムズ - Sun Java System Access Manager におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-0628 2012-12-20 18:19 2007-01-29 Show GitHub Exploit DB Packet Storm
226840 5 警告 vlad leont - FD Script の download.php における特定の拡張子を伴う Web 文書ルート配下のファイルのソースを読み取られる脆弱性 - CVE-2007-0620 2012-12-20 18:19 2007-01-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
41 8.8 HIGH
Network 		- - Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR #165 allows remote authenticated users to escalate to … New CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-6912 2026-04-25 02:56 2026-04-25 Show GitHub Exploit DB Packet Storm
42 4.9 MEDIUM
Network 		- - Cross Site Scripting vulnerability in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to execute arbitrary code New CWE-79
Cross-site Scripting 		CVE-2026-31050 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
43 3.8 LOW
Network 		- - An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to cause a denial of service via the Client Balance component New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-31051 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
44 5.3 MEDIUM
Network 		- - An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to cause a denial of service via the Checkout Authentication Flow component New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-31052 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
45 4.0 MEDIUM
Local 		- - bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL. New CWE-306
Missing Authentication for Critical Function 		CVE-2026-42095 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
46 9.8 CRITICAL
Network 		- - BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2 administration module on network-accessible endpoints with default credentials that allows unauthenticated … New CWE-1188
CWE-1391
 Insecure Default Initialization of Resource
 Use of Weak Credentials 		CVE-2026-39920 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
47 6.1 MEDIUM
Network 		- - Mahara before 25.04.2 and 24.04.11 are vulnerable to displaying results that can trigger XSS via a malicious search query string. This occurs in the 'search site' feature when using the Elasticsearch… New CWE-79
Cross-site Scripting 		CVE-2025-61872 2026-04-25 02:54 2026-04-25 Show GitHub Exploit DB Packet Storm
48 4.7 MEDIUM
Network 		- - In Mahara before 24.04.10 and 25 before 25.04.1, an institution administrator or institution support administrator on a multi-tenanted site can masquerade as an institution member in an institution f… New CWE-284
Improper Access Control 		CVE-2025-59308 2026-04-25 02:54 2026-04-25 Show GitHub Exploit DB Packet Storm
49 - - - A client-side authorization flaw in Lightspeed Classroom v5.1.2.1763770643 allows unauthenticated attackers to impersonate users by bypassing integrity checks and abusing client-generated authorizati… New - CVE-2026-30368 2026-04-25 02:53 2026-04-25 Show GitHub Exploit DB Packet Storm
50 - - - In the Linux kernel, the following vulnerability has been resolved: smb: client: let send_done handle a completion without IB_SEND_SIGNALED With smbdirect_send_batch processing we likely have reque… New - CVE-2026-31534 2026-04-25 02:51 2026-04-25 Show GitHub Exploit DB Packet Storm