Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
233651	7.5	危険	iexpress	-	iExpress の Property Pro の vir_login.asp における SQL インジェクションの脆弱性	-	CVE-2007-3992	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233652	7.5	危険	junction quest	-	ImageRacer の SearchResults.asp における SQL インジェクションの脆弱性	-	CVE-2007-3987	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233653	6.8	警告	NetArt Media	-	BlogSite Professional の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3979	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233654	7.5	危険	jblog	-	JBlog の admin/ajoutaut.php における任意のアカウントを作成される脆弱性	-	CVE-2007-3974	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233655	6.8	警告	jblog	-	JBlog におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3973	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233656	9.3	危険	Panda Security	-	Panda Antivirus におけるバッファオーバーフローの脆弱性	-	CVE-2007-3969	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233657	5	警告	iexpress	-	Munch Pro における SQL インジェクションの脆弱性	-	CVE-2007-3966	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233658	5	警告	itaka	-	Itaka における重要な情報を取得される脆弱性	-	CVE-2007-3964	2012-09-25 16:47	2007-07-25	Show	GitHub Exploit DB Packet Storm

233659	5	警告	Ipswitch, Inc.	-	ICS の Ipswitch Instant Messaging の IM Server におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3959	2012-09-25 16:47	2007-07-24	Show	GitHub Exploit DB Packet Storm

233660	7.1	危険	マイクロソフト	-	Windows 2000 などで稼働する Microsoft Windows Explorer におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3958	2012-09-25 16:47	2007-07-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1311	3.1	LOW Network	-	-	OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, `ExtractPluginFromImage()` in OpenBao's OCI plugin downloader extracts a plugin binary from a container ima…	CWE-400 CWE-674 CWE-770 Uncontrolled Resource Consumption Uncontrolled Recursion Allocation of Resources Without Limits or Throttling	CVE-2026-39396	2026-04-22 05:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

1312	7.5	HIGH Network	-	-	Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.25.0 are vulnerable to an unauthenticated Regular Expression Denial of Service (ReDoS) attack within …	CWE-400 CWE-1333 Uncontrolled Resource Consumption Inefficient Regular Expression Complexity	CVE-2026-39320	2026-04-22 05:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

1313	-		-	-	Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Glances web server exposes a REST API (`/api/4/*`) that is accessible without authentication and allows cr…	CWE-200 CWE-306 CWE-942 Information Exposure Missing Authentication for Critical Function Permissive Cross-domain Policy with Untrusted Domains	CVE-2026-34839	2026-04-22 05:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

1314	9.8	CRITICAL Network	-	-	NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg[7:4] (CBIE/CBCFE/CBZE-related fields) is incorrectly masked/updated based on menvcfg[7:4], so a machine-mode w…	CWE-693 Protection Mechanism Failure	CVE-2026-29649	2026-04-22 05:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

1315	8.8	HIGH Network	-	-	In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs w…	CWE-269 Improper Privilege Management	CVE-2026-29648	2026-04-22 05:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

1316	6.5	MEDIUM Network	-	-	In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabl…	CWE-269 Improper Privilege Management	CVE-2026-29647	2026-04-22 05:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

1317	9.8	CRITICAL Network	-	-	In OpenXiangShan NEMU prior to 55295c4, when running with RVH (Hypervisor extension) enabled, a VS-mode guest write to the supervisor interrupt-enable CSR (sie) may be handled incorrectly and can inf…	CWE-267 Privilege Defined With Unsafe Actions	CVE-2026-29646	2026-04-22 05:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

1318	7.5	HIGH Network	-	-	NEMU (OpenXiangShan/NEMU) before v2025.12.r2 contains an improper instruction-validation flaw in its RISC-V Vector (RVV) decoder. The decoder does not correctly validate the funct3 field when decodin…	CWE-131 CWE-1287 Incorrect Calculation of Buffer Size Improper Validation of Specified Type of Input	CVE-2026-29645	2026-04-22 05:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

1319	7.1	HIGH Local	-	-	XiangShan (Open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) contains an improper exceptional-condition handling flaw in its CSR subsystem (N…	CWE-703 Improper Check or Handling of Exceptional Conditions	CVE-2026-29643	2026-04-22 05:16	2026-04-21	Show	GitHub Exploit DB Packet Storm

1320	7.8	HIGH Local	-	-	A local attacker who can execute privileged CSR operations (or can induce firmware to do so) performs carefully crafted reads/writes to menvcfg (e.g., csrrs in M-mode). On affected XiangShan versions…	CWE-1244 Internal Asset Exposed to Unsafe Debug Access Level or State	CVE-2026-29642	2026-04-22 05:16	2026-04-21	Show	GitHub Exploit DB Packet Storm