Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
233811 7.5 危険 The PHP Group - PHP の Tidy エクステンションにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-3294 2012-09-25 16:47 2007-06-20 Show GitHub Exploit DB Packet Storm
233812 7.5 危険 livecms - LiveCMS の categoria.php における SQL インジェクションの脆弱性 - CVE-2007-3293 2012-09-25 16:47 2007-06-20 Show GitHub Exploit DB Packet Storm
233813 7.5 危険 livecms - LiveCMS における任意の PHP コードをアップロードされる脆弱性 - CVE-2007-3292 2012-09-25 16:47 2007-06-20 Show GitHub Exploit DB Packet Storm
233814 4.3 警告 livecms - LiveCMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-3291 2012-09-25 16:47 2007-06-20 Show GitHub Exploit DB Packet Storm
233815 9.3 危険 livecms - LiveCMS の categoria.php における重要な情報を取得される脆弱性 - CVE-2007-3290 2012-09-25 16:47 2007-06-20 Show GitHub Exploit DB Packet Storm
233816 7.8 危険 マイクロソフト - Microsoft Office MSODataSourceControl ActiveX オブジェクトにおけるバッファオーバーフローの脆弱性 - CVE-2007-3282 2012-09-25 16:47 2007-06-19 Show GitHub Exploit DB Packet Storm
233817 4.3 警告 php hosting biller - Php Hosting Biller の index.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3281 2012-09-25 16:47 2007-06-19 Show GitHub Exploit DB Packet Storm
233818 7.1 危険 mailwasher - MailWasher Server における任意のユーザアカウントへアクセスされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2007-3275 2012-09-25 16:47 2007-06-19 Show GitHub Exploit DB Packet Storm
233819 7.8 危険 miniBB - MiniBB の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-3272 2012-09-25 16:47 2007-06-19 Show GitHub Exploit DB Packet Storm
233820 3.5 注意 Papoo Software - Papoo Light におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3269 2012-09-25 16:47 2007-06-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1391 - - - The method "sock_recvfrom_into()" of "asyncio.ProacterEventLoop" (Windows only) was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer … CWE-787
 Out-of-bounds Write 		CVE-2026-3298 2026-04-22 06:16 2026-04-22 Show GitHub Exploit DB Packet Storm
1392 3.1 LOW
Network 		- - OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, `ExtractPluginFromImage()` in OpenBao's OCI plugin downloader extracts a plugin binary from a container ima… CWE-400
CWE-674
CWE-770
 Uncontrolled Resource Consumption
 Uncontrolled Recursion
 Allocation of Resources Without Limits or Throttling 		CVE-2026-39396 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1393 8.8 HIGH
Network 		- - In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs w… CWE-269
 Improper Privilege Management 		CVE-2026-29648 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1394 6.5 MEDIUM
Network 		- - In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabl… CWE-269
 Improper Privilege Management 		CVE-2026-29647 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1395 9.8 CRITICAL
Network 		- - In OpenXiangShan NEMU prior to 55295c4, when running with RVH (Hypervisor extension) enabled, a VS-mode guest write to the supervisor interrupt-enable CSR (sie) may be handled incorrectly and can inf… CWE-267
 Privilege Defined With Unsafe Actions 		CVE-2026-29646 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1396 7.1 HIGH
Local 		- - XiangShan (Open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) contains an improper exceptional-condition handling flaw in its CSR subsystem (N… CWE-703
 Improper Check or Handling of Exceptional Conditions 		CVE-2026-29643 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1397 7.8 HIGH
Local 		- - A local attacker who can execute privileged CSR operations (or can induce firmware to do so) performs carefully crafted reads/writes to menvcfg (e.g., csrrs in M-mode). On affected XiangShan versions… CWE-1244
 Internal Asset Exposed to Unsafe Debug Access Level or State 		CVE-2026-29642 2026-04-22 05:16 2026-04-21 Show GitHub Exploit DB Packet Storm
1398 5.3 MEDIUM
Local 		- - XiangShan (open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) has improper gating of its distributed CSR write-enable path, allowing illegal C… CWE-284
Improper Access Control 		CVE-2026-29644 2026-04-22 03:16 2026-04-22 Show GitHub Exploit DB Packet Storm
1399 4.5 MEDIUM
Network 		- - A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS… CWE-400
CWE-770
 Uncontrolled Resource Consumption
 Allocation of Resources Without Limits or Throttling 		CVE-2026-6060 2026-04-22 01:20 2026-04-21 Show GitHub Exploit DB Packet Storm
1400 4.7 MEDIUM
Local 		- - Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass… CWE-757
Algorithm Downgrade 		CVE-2026-6550 2026-04-22 01:20 2026-04-21 Show GitHub Exploit DB Packet Storm