Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229661	4.3	警告	IBM	-	IBM WSRR におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2985	2012-09-25 17:38	2010-08-5	Show	GitHub Exploit DB Packet Storm

229662	9.3	危険	Invensys	-	Wonderware Archestra IDE などにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2974	2012-09-25 17:38	2010-08-5	Show	GitHub Exploit DB Packet Storm

229663	4.3	警告	MoinMoin	-	MoinMoin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2970	2012-09-25 17:38	2010-06-7	Show	GitHub Exploit DB Packet Storm

229664	4.3	警告	MoinMoin	-	MoinMoin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2969	2012-09-25 17:38	2010-06-7	Show	GitHub Exploit DB Packet Storm

229665	4.9	警告	Linux	-	Linux kernel の net/irda/af_irda.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-2954	2012-09-25 17:38	2010-08-30	Show	GitHub Exploit DB Packet Storm

229666	10	危険	jan engelhardt	-	libHX の string.c の HX_split 関数におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2947	2012-09-25 17:38	2010-08-16	Show	GitHub Exploit DB Packet Storm

229667	7.5	危険	jens vagelpohl	-	zope-ldapuserfolder の authenticate 関数における権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2010-2944	2012-09-25 17:38	2010-08-20	Show	GitHub Exploit DB Packet Storm

229668	7.2	危険	pharscape	-	hsolink の hsolinkcontrol におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2930	2012-09-25 17:38	2010-07-28	Show	GitHub Exploit DB Packet Storm

229669	7.2	危険	pharscape	-	hsolink の hsolinkcontrol における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-2929	2012-09-25 17:38	2010-07-28	Show	GitHub Exploit DB Packet Storm

229670	5	警告	IBM	-	ITDS の slapi_printmessage 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-287 不適切な認証	CVE-2010-2927	2012-09-25 17:38	2010-08-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 19, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311	-		-	-	Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). Non-constant time comparisons risk private key leakage in FrodoKEM. This issue affects BC… New	CWE-385 Covert Timing Channel	CVE-2026-5598	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

312	7.5	HIGH Network	-	-	An issue in the file handling logic of the component download.php of SAC-NFe v2.0.02 allows attackers to execute a directory traversal and read arbitrary files from the system via a crafted GET reque… New	CWE-22 Path Traversal	CVE-2026-30996	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

313	7.4	HIGH Network	-	-	Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by trick… New	CWE-200 Information Exposure	CVE-2026-32631	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

314	3.1	LOW Network	-	-	Weblate is a web based localization tool. In versions prior to 5.17, the tasks API didn't verify user access for pending tasks. This could expose logs of in-progress operations to users who don't hav… New	CWE-284 Improper Access Control	CVE-2026-33212	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

315	4.3	MEDIUM Network	-	-	Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't enforce proper access control. This issue has been f… New	CWE-862 Missing Authorization	CVE-2026-33214	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

316	8.0	HIGH Network	-	-	Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user's current ACL token. This allows an authenticated GUI user with acces… New	CWE-863 Incorrect Authorization	CVE-2026-6290	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

317	6.8	MEDIUM Network	-	-	Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't perform proper access control. This issue has been f… New	CWE-22 CWE-200 Path Traversal Information Exposure	CVE-2026-33220	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

318	8.0	HIGH Network	-	-	Weblate is a web based localization tool. In versions prior to 5.17, the project backup didn't filter Git and Mercurial configuration files which could lead to remote code execution under certain cir… New	CWE-23 CWE-94 CWE-434 Relative Path Traversal Code Injection Unrestricted Upload of File with Dangerous Type	CVE-2026-33435	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

319	5.0	MEDIUM Network	-	-	Weblate is a web based localization tool. In versions prior to 5.17, the ALLOWED_ASSET_DOMAINS setting applied only to the first issued requests and didn't restrict possible redirects. This issue has… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-33440	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm

320	7.4	HIGH Network	-	-	OpenProject is an open-source project management application. In versions prior to 17.3.0, 2FA OTP verification in the confirm_otp action of the two_factor_authentication module has no rate limiting,… New	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2026-33667	2026-04-18 00:38	2026-04-16	Show	GitHub Exploit DB Packet Storm