Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241101	6.4	警告	AlstraSoft	-	AlstraSoft E-Friends の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4080	2012-06-26 15:54	2007-07-30	Show	GitHub Exploit DB Packet Storm

241102	4.3	警告	AlstraSoft	-	AlstraSoft SMS Text Messaging Enterprise におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4079	2012-06-26 15:54	2007-07-30	Show	GitHub Exploit DB Packet Storm

241103	4.3	警告	AlstraSoft	-	AlstraSoft Text Ads Enterprise におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4078	2012-06-26 15:54	2007-07-30	Show	GitHub Exploit DB Packet Storm

241104	4.3	警告	AlstraSoft	-	AlstraSoft Video Share Enterprise におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4077	2012-06-26 15:54	2007-07-30	Show	GitHub Exploit DB Packet Storm

241105	7.5	危険	ASP indir	-	Alisveris Sitesi Scripti の index.asp における SQL インジェクションの脆弱性	-	CVE-2007-4076	2012-06-26 15:54	2007-07-30	Show	GitHub Exploit DB Packet Storm

241106	4.3	警告	ASP indir	-	Alisveris Sitesi Scripti の index.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4075	2012-06-26 15:54	2007-07-30	Show	GitHub Exploit DB Packet Storm

241107	10	危険	SUSE centre for speech technology research	-	Gentoo Linux などの CSTR Festival のディフォルト設定における任意のコマンドを実行される脆弱性	CWE-16 環境設定	CVE-2007-4074	2012-06-26 15:54	2007-07-30	Show	GitHub Exploit DB Packet Storm

241108	9.3	危険	clever components	-	Clever Internet ActiveX Suite の CLINETSUITEX6.OCX の clInetSuiteX6.clWebDav ActiveX コントロールにおける絶対パストラバーサルの脆弱性	-	CVE-2007-4067	2012-06-26 15:54	2007-07-30	Show	GitHub Exploit DB Packet Storm

241109	4.3	警告	Drupal	-	Drupal におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-4064	2012-06-26 15:54	2007-07-26	Show	GitHub Exploit DB Packet Storm

241110	4.3	警告	Drupal	-	Drupal におけるクロスサイトリクエストフォージェリの脆弱性	-	CVE-2007-4063	2012-06-26 15:54	2007-07-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 17, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211	7.8	HIGH Local	-	-	Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::generateP4Command() method, which constructs she… New	CWE-20 CWE-78 Improper Input Validation OS Command	CVE-2026-40176	2026-04-16 06:17	2026-04-16	Show	GitHub Exploit DB Packet Storm

212	7.8	HIGH Local	-	-	Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on th… New	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-22676	2026-04-16 06:17	2026-04-16	Show	GitHub Exploit DB Packet Storm

213	7.1	HIGH Local	sleuthkit	the_sleuth_kit	The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted … New	CWE-22 Path Traversal	CVE-2026-40024	2026-04-16 05:52	2026-04-9	Show	GitHub Exploit DB Packet Storm

214	6.1	MEDIUM Local	sleuthkit	the_sleuth_kit	The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrapped_key_parser class follows attacker-controlled length fields without bo… New	CWE-125 Out-of-bounds Read	CVE-2026-40025	2026-04-16 05:52	2026-04-9	Show	GitHub Exploit DB Packet Storm

215	6.5	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.3.25 contains a missing rate limiting vulnerability in Telegram webhook authentication that allows attackers to brute-force weak webhook secrets. The vulnerability enables repeat… New	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2026-35628	2026-04-16 05:38	2026-04-10	Show	GitHub Exploit DB Packet Storm

216	7.1	HIGH Local	huawei	harmonyos emui	UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. New	CWE-416 Use After Free	CVE-2026-34854	2026-04-16 05:19	2026-04-13	Show	GitHub Exploit DB Packet Storm

217	6.5	MEDIUM Network	-	-	A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability i… New	CWE-190 Integer Overflow or Wraparound	CVE-2026-6385	2026-04-16 05:16	2026-04-16	Show	GitHub Exploit DB Packet Storm

218	7.3	HIGH Local	-	-	A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's `ReadJeffsImage` function allows an attacker to write beyond an allocated buffer by processing a spec… New	CWE-120 Classic Buffer Overflow	CVE-2026-6384	2026-04-16 05:16	2026-04-16	Show	GitHub Exploit DB Packet Storm

219	8.8	HIGH Network	-	-	Type Confusion in V8 in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) New	CWE-843 Type Confusion	CVE-2026-6363	2026-04-16 05:16	2026-04-16	Show	GitHub Exploit DB Packet Storm

220	8.8	HIGH Network	-	-	Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) New	CWE-416 Use After Free	CVE-2026-6360	2026-04-16 05:16	2026-04-16	Show	GitHub Exploit DB Packet Storm