Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
233071	7.5	危険	my123tkshop	-	123tkShop の shop/mainfile.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6458	2012-09-25 16:59	2007-12-19	Show	GitHub Exploit DB Packet Storm

233072	5	警告	Netwin Ltd	-	SurgeMail の Web メール機能におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-6457	2012-09-25 16:59	2007-12-19	Show	GitHub Exploit DB Packet Storm

233073	4.3	警告	Mambo Foundation	-	Mambo の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6455	2012-09-25 16:59	2007-12-19	Show	GitHub Exploit DB Packet Storm

233074	10	危険	peercast	-	PeerCast の servhs.cpp におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-6454	2012-09-25 16:59	2007-12-19	Show	GitHub Exploit DB Packet Storm

233075	9.3	危険	Novell	-	Novell GroupWise におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-6435	2012-09-25 16:59	2007-12-18	Show	GitHub Exploit DB Packet Storm

233076	7.5	危険	レッドハット	-	JBoss Seam の org.jboss.seam.framework.Query クラスにおける任意の EJBQL コマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2007-6433	2012-09-25 16:59	2007-12-18	Show	GitHub Exploit DB Packet Storm

233077	5	警告	IBM	-	IBM Tivoli Provisioning Manager Express における username を列挙される脆弱性	CWE-200 情報漏えい	CVE-2007-6408	2012-09-25 16:59	2007-12-17	Show	GitHub Exploit DB Packet Storm

233078	2.1	注意	geert moernaut	-	Geert Moernaut LSrunasE などにおける平文のパスワードを取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2007-6340	2012-09-25 16:59	2008-02-4	Show	GitHub Exploit DB Packet Storm

233079	4.3	警告	IBM	-	IBM Tivoli Provisioning Manager Express におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6407	2012-09-25 16:59	2007-12-17	Show	GitHub Exploit DB Packet Storm

233080	6.5	警告	myupb	-	Flat PHP Board の index.php におけるカレントユーザアカウントのパスワードを取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2007-6399	2012-09-25 16:59	2007-12-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1831	9.1	CRITICAL Network	qnap	media_streaming_add-on	A buffer overflow vulnerability has been reported to affect Media Streaming Add-On. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed…	CWE-121 Stack-based Buffer Overflow	CVE-2025-59383	2026-04-14 10:17	2026-03-21	Show	GitHub Exploit DB Packet Storm

1832	9.1	CRITICAL Network	qnap	media_streaming_add-on	Se ha informado de una vulnerabilidad de desbordamiento de búfer que afecta a Media Streaming Add-On. Los atacantes remotos pueden entonces explotar la vulnerabilidad para modificar la memoria o bloq…	CWE-121 Stack-based Buffer Overflow	CVE-2025-59383	2026-04-14 10:17	2026-03-21	Show	GitHub Exploit DB Packet Storm

1833	7.5	HIGH Network	digitalbazaar	forge	Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, Ed25519 signature verification accepts forged non-canonical signatures w…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-33895	2026-04-14 10:14	2026-03-28	Show	GitHub Exploit DB Packet Storm

1834	9.1	CRITICAL Network	digitalbazaar	forge	Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, `pki.verifyCertificateChain()` does not enforce RFC 5280 basicConstraint…	CWE-295 Improper Certificate Validation	CVE-2026-33896	2026-04-14 10:13	2026-03-28	Show	GitHub Exploit DB Packet Storm

1835	9.8	CRITICAL Network	openfga	openfga	OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. In versions prior to 1.13.1, under specific conditions, models using c…	CWE-20 CWE-345 CWE-1289 Improper Input Validation Insufficient Verification of Data Authenticity Improper Validation of Unsafe Equivalence in Input	CVE-2026-33729	2026-04-14 10:04	2026-03-27	Show	GitHub Exploit DB Packet Storm

1836	9.8	CRITICAL Network	openfga	openfga	OpenFGA es un motor de autorización/permisos de alto rendimiento y flexible, construido para desarrolladores e inspirado en Google Zanzibar. En versiones anteriores a la 1.13.1, bajo condiciones espe…	CWE-20 CWE-345 CWE-1289 Improper Input Validation Insufficient Verification of Data Authenticity Improper Validation of Unsafe Equivalence in Input	CVE-2026-33729	2026-04-14 10:04	2026-03-27	Show	GitHub Exploit DB Packet Storm

1837	4.3	MEDIUM Network	grafana	grafana	A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allows users with Editor role to modify protected webhook URLs without the requ…	CWE-285 Improper Authorization	CVE-2026-21724	2026-04-14 10:00	2026-03-27	Show	GitHub Exploit DB Packet Storm

1838	4.3	MEDIUM Network	grafana	grafana	Se ha descubierto una vulnerabilidad en Grafana OSS donde una omisión de autorización en la API de puntos de contacto de aprovisionamiento permite a los usuarios con rol de Editor modificar URLs de w…	CWE-285 Improper Authorization	CVE-2026-21724	2026-04-14 10:00	2026-03-27	Show	GitHub Exploit DB Packet Storm

1839	7.5	HIGH Network	libjxl_project	libjxl	A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data…	CWE-805 CWE-770 Buffer Access with Incorrect Length Value Allocation of Resources Without Limits or Throttling	CVE-2026-1837	2026-04-14 09:51	2026-02-12	Show	GitHub Exploit DB Packet Storm

1840	7.5	HIGH Network	libjxl_project	libjxl	Un archivo especialmente diseñado puede provocar que el decodificador de libjxl escriba datos de píxeles en memoria no asignada no inicializada. Poco después, datos de otra región no asignada no inic…	CWE-805 CWE-770 Buffer Access with Incorrect Length Value Allocation of Resources Without Limits or Throttling	CVE-2026-1837	2026-04-14 09:51	2026-02-12	Show	GitHub Exploit DB Packet Storm