Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
233411	5	警告	マイクロソフト	-	Microsoft Internet Security などの SOCKS4 Proxy における重要な情報 (別ユーザのセッションの宛先 IP アドレス) を取得される脆弱性	CWE-200 情報漏えい	CVE-2007-4991	2012-09-25 16:59	2007-09-21	Show	GitHub Exploit DB Packet Storm

233412	7.5	危険	ktauber	-	phpBB の Ktauber.com StylesDemo mod の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4984	2012-09-25 16:59	2007-09-19	Show	GitHub Exploit DB Packet Storm

233413	10	危険	MW6 Technologies	-	MW6 Technologies QRCode ActiveX の MW6QRCode.dll における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-4982	2012-09-25 16:59	2007-09-19	Show	GitHub Exploit DB Packet Storm

233414	4.3	警告	oblius	-	Obedit の save 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4981	2012-09-25 16:59	2007-09-19	Show	GitHub Exploit DB Packet Storm

233415	7.5	危険	kwsphp	-	KwsPHP の sondages モジュールの index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4979	2012-09-25 16:59	2007-09-19	Show	GitHub Exploit DB Packet Storm

233416	7.5	危険	Erik de Castro Lopo	-	libsndfile の flac_buffer_copy 関数におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-4974	2012-09-25 16:59	2007-09-19	Show	GitHub Exploit DB Packet Storm

233417	4.4	警告	isecsoft	-	ProSecurity における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2007-4971	2012-09-25 16:59	2007-09-18	Show	GitHub Exploit DB Packet Storm

233418	4.4	警告	online armor	-	Online Armor Personal Firewall におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 CWE-264	CVE-2007-4967	2012-09-25 16:59	2007-09-18	Show	GitHub Exploit DB Packet Storm

233419	4.3	警告	linden lab	-	Linden Lab Second Life におけるアカウントへログインされる脆弱性	CWE-255 CWE-310	CVE-2007-4961	2012-09-25 16:59	2007-09-18	Show	GitHub Exploit DB Packet Storm

233420	5	警告	linden lab	-	Linden Lab Second Life における重要な情報を取得される脆弱性	CWE-255 CWE-310	CVE-2007-4960	2012-09-25 16:59	2007-09-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1471	6.5	MEDIUM Network	redaxo	redaxo	Redaxo CMS 5.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by tricking authenticated administrators into visiting …	CWE-352 Origin Validation Error	CVE-2016-20053	2026-04-15 04:08	2026-04-4	Show	GitHub Exploit DB Packet Storm

1472	9.8	CRITICAL Network	snewscms	snews	Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snews_files directory. Attackers can …	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2016-20052	2026-04-15 04:05	2026-04-4	Show	GitHub Exploit DB Packet Storm

1473	4.3	MEDIUM Network	snewscms	snews	Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can tric…	CWE-352 Origin Validation Error	CVE-2016-20051	2026-04-15 04:04	2026-04-4	Show	GitHub Exploit DB Packet Storm

1474	5.5	MEDIUM Local	mcafee	netschedscan	NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can past…	CWE-787 Out-of-bounds Write	CVE-2016-20050	2026-04-15 04:03	2026-04-4	Show	GitHub Exploit DB Packet Storm

1475	6.1	MEDIUM Network	electronjs	electron	Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 39.0.0-alpha.1 to before 39.8.0, 40.0.0-alpha.1 to before 40.7.0, and 41.0.0-alph…	CWE-668 CWE-1188 Exposure of Resource to Wrong Sphere Insecure Default Initialization of Resource	CVE-2026-34780	2026-04-15 04:02	2026-04-4	Show	GitHub Exploit DB Packet Storm

1476	9.1	CRITICAL Network	adobe	commerce commerce_b2b magento	Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this …	CWE-20 Improper Input Validation	CVE-2025-54236	2026-04-15 04:00	2025-09-9	Show	GitHub Exploit DB Packet Storm

1477	10.0	CRITICAL Network	praison	praisonai	PraisonAI is a multi-agent teams system. Prior to version 4.5.97, SubprocessSandbox in all modes (BASIC, STRICT, NETWORK_ISOLATED) calls subprocess.run() with shell=True and relies solely on string-p…	CWE-78 OS Command	CVE-2026-34955	2026-04-15 03:56	2026-04-4	Show	GitHub Exploit DB Packet Storm

1478	7.8	HIGH Local	electronjs	electron	Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, on macOS, app.moveToApplicationsFo…	CWE-78 OS Command	CVE-2026-34779	2026-04-15 03:55	2026-04-4	Show	GitHub Exploit DB Packet Storm

1479	5.4	MEDIUM Network	opensourcepos	open_source_point_of_sale	Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Prior to 3.4.3, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Daily Sa…	CWE-79 Cross-site Scripting	CVE-2026-32712	2026-04-15 03:45	2026-04-8	Show	GitHub Exploit DB Packet Storm

1480	7.5	HIGH Network	opentelemetry	opentelemetry	OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.36.0 to 1.40.0, multi-value baggage: header extraction parses each header field-value independently and aggregates members across va…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-29181	2026-04-15 03:45	2026-04-8	Show	GitHub Exploit DB Packet Storm