Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
233961	4.3	警告	The PHP Group	-	PHP の substr_count 関数における重要な情報を取得される脆弱性	-	CVE-2007-2748	2012-09-25 16:47	2007-05-17	Show	GitHub Exploit DB Packet Storm

233962	7.5	危険	labs.beffa.org	-	labs.beffa.org w2box における任意の PHP コードをアップロードされる脆弱性	-	CVE-2007-2742	2012-09-25 16:47	2007-05-17	Show	GitHub Exploit DB Packet Storm

233963	9.3	危険	Little CMS	-	Little CMS におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-2741	2012-09-25 16:47	2007-05-17	Show	GitHub Exploit DB Packet Storm

233964	6	警告	jetbox	-	Jetbox CMS における任意のスクリプトをアップロードされる脆弱性	-	CVE-2007-2733	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

233965	6.8	警告	jetbox	-	Jetbox CMS におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2732	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

233966	4	警告	jetbox	-	Jetbox CMS の formmail.php における CRLF インジェクションの脆弱性	-	CVE-2007-2731	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

233967	4.3	警告	The PHP Group	-	PHP の soap エクステンションにおける脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-2728	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

233968	2.6	注意	The PHP Group	-	PHP の ext/mcrypt/mcyrpt.c における特定のデータを解読される脆弱性	-	CVE-2007-2727	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

233969	7.1	危険	media player classic	-	Media Player Classic におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2723	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

233970	7.8	危険	newzcrawler	-	NewzCrawler におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2722	2012-09-25 16:47	2007-05-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1941	4.6	MEDIUM Physics	-	-	A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 …	CWE-385 Covert Timing Channel	CVE-2025-69893	2026-04-18 00:24	2026-04-15	Show	GitHub Exploit DB Packet Storm

1942	6.5	MEDIUM Network	-	-	A Local File Inclusion (LFI) vulnerability in the NFSen module (nfsen.inc.php) of LibreNMS 22.11.0-23-gd091788f2 allows authenticated attackers to include arbitrary PHP files from the server filesyst…	CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')	CVE-2026-30480	2026-04-18 00:24	2026-04-15	Show	GitHub Exploit DB Packet Storm

1943	6.8	MEDIUM Network	-	-	Rate Limiting for attempting a user login is not being properly enforced, making HCL DevOps Velocity susceptible to brute-force attacks past the unsuccessful login attempt limit. This vulnerability …	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2025-31991	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

1944	4.3	MEDIUM Network	-	-	The bson_validate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 seq…	CWE-20 Improper Input Validation	CVE-2026-6231	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

1945	6.5	MEDIUM Adjacent	-	-	A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks cou…	CWE-1284 Improper Validation of Specified Quantity in Input	CVE-2025-3756	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

1946	-		-	-	Use-after-free (UAF) was possible in the `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile` when a memory allocation fails with a `MemoryError` and the decompression instance is re-u…	CWE-416 CWE-787 Use After Free Out-of-bounds Write	CVE-2026-6100	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

1947	-		-	-	Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open()" API could have commands injected into the …	CWE-77 Command Injection	CVE-2026-4786	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

1948	7.5	HIGH Network	-	-	Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in tim…	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-5086	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

1949	6.1	MEDIUM Network	-	-	Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft a malicious URL, that if accessed …	CWE-79 Cross-site Scripting	CVE-2026-0512	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm

1950	4.2	MEDIUM Network	-	-	Due to an Insecure session management vulnerability in SAP Business Objects Business Intelligence Platform, an unauthenticated attacker could obtain valid session tokens and reuse them to gain unauth…	CWE-539 Use of Persistent Cookies Containing Sensitive Information	CVE-2026-24318	2026-04-18 00:18	2026-04-14	Show	GitHub Exploit DB Packet Storm