Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232501	9.3	危険	マイクロソフト	-	Microsoft Works 7 などに実装される WkImgSrv.dll におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-1898	2012-09-25 17:16	2008-04-21	Show	GitHub Exploit DB Packet Storm

232502	4.3	警告	マイクロソフト	-	Microsoft Windows SharePoint Services 2.0 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-1888	2012-09-25 17:16	2008-04-18	Show	GitHub Exploit DB Packet Storm

232503	1.9	注意	openmosix project	-	openMosix の openmosix-tools におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-1865	2012-09-25 17:16	2008-04-17	Show	GitHub Exploit DB Packet Storm

232504	9.3	危険	lokicms	-	LokiCMS の admin.php における任意の PHP コードを挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2008-1860	2012-09-25 17:16	2008-04-17	Show	GitHub Exploit DB Packet Storm

232505	7.5	危険	iScripts	-	iScripts SocialWare の events.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-1859	2012-09-25 17:16	2008-04-16	Show	GitHub Exploit DB Packet Storm

232506	6.8	警告	mole	-	Mole の viewsource.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-1857	2012-09-25 17:16	2008-04-16	Show	GitHub Exploit DB Packet Storm

232507	5.1	警告	LinPHA	-	LinPHA の plugins/maps/db_handler.php におけるディレクトリトラバーサル攻撃を実行される脆弱性	CWE-20 CWE-22	CVE-2008-1856	2012-09-25 17:16	2008-04-16	Show	GitHub Exploit DB Packet Storm

232508	5	警告	マカフィー	-	ePO などの製品で使用される McAfee CMA の FrameworkService.exe におけるメモリ破損の脆弱性	CWE-399 リソース管理の問題	CVE-2008-1855	2012-09-25 17:16	2008-04-16	Show	GitHub Exploit DB Packet Storm

232509	4.3	警告	ヒューレット・パッカード	-	HP OV NNM の ovtopmd service におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-1853	2012-09-25 17:16	2008-04-16	Show	GitHub Exploit DB Packet Storm

232510	7.8	危険	ヒューレット・パッカード	-	HP OV NNM の ovalarmsrv におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-1852	2012-09-25 17:16	2008-04-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
61	6.1	MEDIUM Network	lollms	lollms	A Cross-site Scripting (XSS) vulnerability was identified in the `from_dict` method of the `AppLollmsMessage` class in parisneo/lollms prior to version 2.2.0. The vulnerability arises from the lack o… New	CWE-79 Cross-site Scripting	CVE-2026-1116	2026-04-18 01:18	2026-04-12	Show	GitHub Exploit DB Packet Storm

62	6.3	MEDIUM Network	-	-	A vulnerability was determined in prasathmani TinyFileManager up to 2.6. Affected by this vulnerability is an unknown functionality of the file /filemanager.php?p= ajax=true&type=upload of the compon… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-6497	2026-04-18 01:17	2026-04-18	Show	GitHub Exploit DB Packet Storm

63	9.1	CRITICAL Network	-	-	An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiter… New	CWE-521 Weak Password Requirements	CVE-2026-6284	2026-04-18 01:17	2026-04-18	Show	GitHub Exploit DB Packet Storm

64	9.8	CRITICAL Network	-	-	A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php. New	CWE-89 SQL Injection	CVE-2026-37749	2026-04-18 01:17	2026-04-18	Show	GitHub Exploit DB Packet Storm

65	-		-	-	A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement. New	CWE-77 Command Injection	CVE-2026-21709	2026-04-18 01:16	2026-04-18	Show	GitHub Exploit DB Packet Storm

66	6.5	MEDIUM Network	phoca	maps	Various stored XSS vulnerabilities in the maps- and icon rendering logic in Phoca Maps component 5.0.0-6.0.2 have been discovered. New	CWE-79 Cross-site Scripting	CVE-2026-23900	2026-04-18 01:15	2026-04-11	Show	GitHub Exploit DB Packet Storm

67	7.5	HIGH Network	fastify	fastify	Impact: Fastify applications using schema.body.content for per-content-type body validation can have validation bypassed entirely by prepending a space to the Content-Type header. The body is still … New	CWE-1287 Improper Validation of Specified Type of Input	CVE-2026-33806	2026-04-18 00:49	2026-04-15	Show	GitHub Exploit DB Packet Storm

68	9.6	CRITICAL Network	google	chrome	Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) New	CWE-122 Heap-based Buffer Overflow	CVE-2026-6296	2026-04-18 00:42	2026-04-16	Show	GitHub Exploit DB Packet Storm

69	8.3	HIGH Network	google	chrome	Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. (Chromium securi… New	CWE-416 Use After Free	CVE-2026-6297	2026-04-18 00:42	2026-04-16	Show	GitHub Exploit DB Packet Storm

70	4.3	MEDIUM Network	google	chrome	Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secu… New	CWE-122 Heap-based Buffer Overflow	CVE-2026-6298	2026-04-18 00:41	2026-04-16	Show	GitHub Exploit DB Packet Storm