Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
234011	6.4	警告	ノキア	-	Nokia Intellisync Mobile Suite などにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2007-2590	2012-09-25 16:47	2007-05-11	Show	GitHub Exploit DB Packet Storm

234012	9.3	危険	office ocx	-	oa.ocx におけるバッファオーバーフローの脆弱性	-	CVE-2007-2588	2012-09-25 16:47	2007-05-9	Show	GitHub Exploit DB Packet Storm

234013	10	危険	マカフィー	-	McAfee SecurityCenter の IsOldAppInstalled 関数におけるバッファオーバーフローの脆弱性	-	CVE-2007-2584	2012-09-25 16:47	2007-05-9	Show	GitHub Exploit DB Packet Storm

234014	10	危険	IBM	-	IBM DB2 の DB2JDS サービスにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-2582	2012-09-25 16:47	2007-05-9	Show	GitHub Exploit DB Packet Storm

234015	7.5	危険	noah	-	NoAh の modules/noevents/templates/mfa_theme.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-2572	2012-09-25 16:47	2007-05-9	Show	GitHub Exploit DB Packet Storm

234016	7.5	危険	guilain omont	-	Wikivi5 の handlers/page/show.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2570	2012-09-25 16:47	2007-05-9	Show	GitHub Exploit DB Packet Storm

234017	4.3	警告	Kayako	-	Kayako eSupport におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2562	2012-09-25 16:47	2007-05-9	Show	GitHub Exploit DB Packet Storm

234018	5	警告	mentiss acgv	-	ACGVannu の theme/acgv.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-2560	2012-09-25 16:47	2007-05-9	Show	GitHub Exploit DB Packet Storm

234019	4	警告	Mambo Foundation	-	Mambo の MOStlyDB Admin における脆弱性	-	CVE-2007-2557	2012-09-25 16:47	2007-05-9	Show	GitHub Exploit DB Packet Storm

234020	7.5	危険	Nuked-Klan	-	Nuked-klaN における SQL インジェクションの脆弱性	-	CVE-2007-2556	2012-09-25 16:47	2007-05-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1861	-		-	-	In manikandan580 School-management-system 1.0, a reflected cross-site scripting (XSS) vulnerability exists in /studentms/admin/contact-us.php via the email POST parameter.	-	CVE-2025-65134	2026-04-18 00:33	2026-04-15	Show	GitHub Exploit DB Packet Storm

1862	9.8	CRITICAL Network	-	-	In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability exists in /studentms/admin/between-date-reprtsdetails.php through the fromdate POST parameter.	CWE-89 SQL Injection	CVE-2025-65135	2026-04-18 00:33	2026-04-15	Show	GitHub Exploit DB Packet Storm

1863	6.1	MEDIUM Network	-	-	In manikandan580 School-management-system 1.0, a reflected XSS vulnerability exists in /studentms/admin/contact-us.php via the pagedes POST parameter.	CWE-79 Cross-site Scripting	CVE-2025-65136	2026-04-18 00:33	2026-04-15	Show	GitHub Exploit DB Packet Storm

1864	9.9	CRITICAL Network	-	-	An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x allows attackers to execute arbitrary code via uploading a crafted PHP file.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-38526	2026-04-18 00:33	2026-04-15	Show	GitHub Exploit DB Packet Storm

1865	8.5	HIGH Network	-	-	A Server-Side Request Forgery (SSRF) in the /settings/webhooks/create component of Webkul Krayin CRM v2.2.x allows attackers to scan internal resources via supplying a crafted POST request.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-38527	2026-04-18 00:33	2026-04-15	Show	GitHub Exploit DB Packet Storm

1866	7.1	HIGH Network	-	-	Krayin CRM v2.2.x was discovered to contain a SQL injection vulnerability via the rotten_lead parameter at /Lead/LeadDataGrid.php.	CWE-89 SQL Injection	CVE-2026-38528	2026-04-18 00:33	2026-04-15	Show	GitHub Exploit DB Packet Storm

1867	2.7	LOW Network	-	-	SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/manage_rent.php.	CWE-89 SQL Injection	CVE-2026-37590	2026-04-18 00:32	2026-04-15	Show	GitHub Exploit DB Packet Storm

1868	2.7	LOW Network	-	-	Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/view_details.php.	CWE-89 SQL Injection	CVE-2026-37591	2026-04-18 00:32	2026-04-15	Show	GitHub Exploit DB Packet Storm

1869	2.7	LOW Network	-	-	Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL in the file /storage/admin/maintenance/manage_pricing.php.	CWE-89 SQL Injection	CVE-2026-37592	2026-04-18 00:32	2026-04-15	Show	GitHub Exploit DB Packet Storm

1870	2.7	LOW Network	-	-	SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_att.php.	CWE-89 SQL Injection	CVE-2026-37593	2026-04-18 00:32	2026-04-15	Show	GitHub Exploit DB Packet Storm