Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
239141	7.5	危険	barcodephp	-	barcodegen の image.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5993	2012-06-26 16:10	2009-01-28	Show	GitHub Exploit DB Packet Storm

239142	6.8	警告	eduforge	-	emergecolab の connect/init.inc におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-5990	2012-06-26 16:10	2009-01-28	Show	GitHub Exploit DB Packet Storm

239143	6.9	警告	Csound	-	Csound の VST プラグインにおける任意のコードを実行される脆弱性	CWE-Other その他	CVE-2008-5986	2012-06-26 16:10	2009-01-28	Show	GitHub Exploit DB Packet Storm

239144	6.9	警告	dia	-	Dia の Python プラグインにおける任意のコードを実行される脆弱性	CWE-Other その他	CVE-2008-5984	2012-06-26 16:10	2009-01-28	Show	GitHub Exploit DB Packet Storm

239145	10	危険	BMC Software	-	BMC PATROL Agent におけるフォーマットストリングの脆弱性	CWE-134 書式文字列の問題	CVE-2008-5982	2012-06-26 16:10	2009-01-27	Show	GitHub Exploit DB Packet Storm

239146	7.5	危険	Activewebsoftwares	-	Active Price Comparison の links.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5975	2012-06-26 16:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

239147	7.5	危険	Activewebsoftwares	-	Active Price Comparison の login.aspx における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5974	2012-06-26 16:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

239148	7.5	危険	Activewebsoftwares	-	Active Web Mail の login.aspx における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5973	2012-06-26 16:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

239149	7.5	危険	Activewebsoftwares	-	Active Business Directory の default.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-5972	2012-06-26 16:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

239150	7.5	危険	globsy	-	Globsy の globsy_edit.php における任意のファイルを上書きされる脆弱性	CWE-20 不適切な入力確認	CVE-2008-5966	2012-06-26 16:10	2009-01-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311	6.1	MEDIUM Physics	-	-	libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read vulnerability in `ptp_unpack_OI()` in `camlibs/ptp2/ptp-pack.c` (lines 530–563). The …	CWE-125 Out-of-bounds Read	CVE-2026-40340	2026-04-18 09:16	2026-04-18	Show	GitHub Exploit DB Packet Storm

312	5.2	MEDIUM Physics	-	-	libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in `ptp_unpack_Sony_DPD()` in `camlibs/ptp2/ptp-pack.c` (line 842). The function read…	CWE-125 Out-of-bounds Read	CVE-2026-40339	2026-04-18 09:16	2026-04-18	Show	GitHub Exploit DB Packet Storm

313	5.2	MEDIUM Physics	-	-	libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in the PTP_DPFF_Enumeration case of `ptp_unpack_Sony_DPD()` in `camlibs/ptp2/ptp-pack…	CWE-125 Out-of-bounds Read	CVE-2026-40338	2026-04-18 09:16	2026-04-18	Show	GitHub Exploit DB Packet Storm

314	5.1	MEDIUM Local	-	-	The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task…	CWE-283 Unverified Ownership	CVE-2026-40337	2026-04-18 09:16	2026-04-18	Show	GitHub Exploit DB Packet Storm

315	2.4	LOW Physics	-	-	libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have a memory leak in `ptp_unpack_Sony_DPD()` in `camlibs/ptp2/ptp-pack.c` (lines 884–885). When processing a se…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-40336	2026-04-18 09:16	2026-04-18	Show	GitHub Exploit DB Packet Storm

316	5.2	MEDIUM Physics	-	-	libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in `ptp_unpack_DPV()` in `camlibs/ptp2/ptp-pack.c` (lines 622–629). The UINT128 and I…	CWE-125 Out-of-bounds Read	CVE-2026-40335	2026-04-18 09:16	2026-04-18	Show	GitHub Exploit DB Packet Storm

317	3.5	LOW Physics	-	-	libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, a missing null terminator exists in ptp_unpack_Canon_FE() in camlibs/ptp2/ptp-pack.c (line 1377). The functi…	CWE-170 Improper Null Termination	CVE-2026-40334	2026-04-18 09:16	2026-04-18	Show	GitHub Exploit DB Packet Storm

318	6.1	MEDIUM Physics	-	-	libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded…	CWE-125 Out-of-bounds Read	CVE-2026-40333	2026-04-18 09:16	2026-04-18	Show	GitHub Exploit DB Packet Storm

319	9.1	CRITICAL Network	-	-	Hot Chocolate is an open-source GraphQL server. Prior to versions 12.22.7, 13.9.16, 14.3.1, and 15.1.14, Hot Chocolate's recursive descent parser `Utf8GraphQLParser` has no recursion depth limit. A c…	CWE-674 Uncontrolled Recursion	CVE-2026-40324	2026-04-18 09:16	2026-04-18	Show	GitHub Exploit DB Packet Storm

320	-		-	-	SP1 is a zero‑knowledge virtual machine that proves the correct execution of programs compiled for the RISC-V architecture. In versions 6.0.0 through 6.0.2, a soundness vulnerability in the SP1 V6 re…	CWE-345 CWE-354 Insufficient Verification of Data Authenticity Improper Validation of Integrity Check Value	CVE-2026-40323	2026-04-18 09:16	2026-04-18	Show	GitHub Exploit DB Packet Storm