Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241671	10	危険	extremail	-	eXtremail における DNS のなりすましを実行される脆弱性	-	CVE-2007-2188	2012-06-26 15:46	2007-04-24	Show	GitHub Exploit DB Packet Storm

241672	10	危険	extremail	-	eXtremail におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-2187	2012-06-26 15:46	2007-04-24	Show	GitHub Exploit DB Packet Storm

241673	5	警告	Foxit Software Inc	-	Foxit Reader におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2186	2012-06-26 15:46	2007-04-24	Show	GitHub Exploit DB Packet Storm

241674	7.6	危険	アップル	-	Safari などで使用される Apple QuickTime Java 拡張における任意のコードを実行される脆弱性	-	CVE-2007-2175	2012-06-26 15:46	2007-04-24	Show	GitHub Exploit DB Packet Storm

241675	7.2	危険	チェック・ポイント・ソフトウェア・テクノロジーズ	-	Check Point ZoneAlarm の ZoneAlarm SRE における任意のファイルを実行される脆弱性	-	CVE-2007-2174	2012-06-26 15:46	2007-04-24	Show	GitHub Exploit DB Packet Storm

241676	10	危険	double precision incorporated Gentoo Linux	-	Courier-IMAP の courier-imapd.indirect における任意のコマンドを実行される脆弱性	-	CVE-2007-2173	2012-06-26 15:46	2007-04-24	Show	GitHub Exploit DB Packet Storm

241677	7.5	危険	aimstats	-	AimStats の process.php における PHP コードを挿入される脆弱性	-	CVE-2007-2168	2012-06-26 15:46	2007-04-22	Show	GitHub Exploit DB Packet Storm

241678	7.5	危険	aimstats	-	AimStats の process.php における PHP コードを挿入される脆弱性	-	CVE-2007-2167	2012-06-26 15:46	2007-04-22	Show	GitHub Exploit DB Packet Storm

241679	5	警告	アップル	-	Apple Safari におけるサービス運用妨害 (DoS) 状態となる脆弱性	-	CVE-2007-2163	2012-06-26 15:46	2007-04-22	Show	GitHub Exploit DB Packet Storm

241680	7.8	危険	GNU Project Mozilla Foundation	-	Mozilla Firefox におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2162	2012-06-26 15:46	2007-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
111	4.9	MEDIUM Network	-	-	October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a server-side information disclosure vulnerability in the INI settings parser. Because PHP's… New	CWE-94 CWE-200 Code Injection Information Exposure	CVE-2026-25125	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

112	-		-	-	October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a stored cross-site scripting (XSS) vulnerability in the SVG sanitization logic. The regex p… New	CWE-79 Cross-site Scripting	CVE-2026-25133	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

113	7.2	HIGH Network	-	-	Chamilo LMS is an open-source learning management system. In version 2.0-RC.2, the file public/main/inc/ajax/install.ajax.php is accessible without authentication on fully installed instances because… New	CWE-306 CWE-918 Missing Authentication for Critical Function Server-Side Request Forgery (SSRF)	CVE-2026-33715	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

114	4.6	MEDIUM Network	-	-	Docmost is open-source collaborative wiki and documentation software. Versions prior to 0.70.0 are vulnerable to a stored cross-site scripting (XSS) attack due to improper handling of MIME type spoof… New	CWE-79 Cross-site Scripting	CVE-2026-33193	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

115	5.4	MEDIUM Network	-	-	Docmost is open-source collaborative wiki and documentation software. In versions prior to 0.71.0, improper neutralization of attachment URLs in Docmost allows a low-privileged authenticated user to … New	CWE-79 Cross-site Scripting	CVE-2026-34212	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

116	5.4	MEDIUM Network	-	-	Docmost is open-source collaborative wiki and documentation software. Starting in version 0.3.0 and prior to version 0.71.0, improper authorization in Docmost allows a low-privileged authenticated us… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-34213	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

117	-		-	-	Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose a deprecated .NET Remoting TCP channel that allows remote unauthenticated attackers to leak NTLMv2 machine-account hash… New	CWE-441 Confused Deputy	CVE-2026-39906	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

118	8.6	HIGH Network	-	-	Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the PENS (Package Exchange Notification Services) plugin endpoint at public/plugin/Pens/pens.php is accessib… New	CWE-306 CWE-918 Missing Authentication for Critical Function Server-Side Request Forgery (SSRF)	CVE-2026-34160	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

119	-		-	-	Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, a Stored Cross-Site Scripting (XSS) vulnerability exists in the social post attachment upload functionality,… New	CWE-79 Cross-site Scripting	CVE-2026-34161	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm

120	7.0	HIGH Local	-	-	libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the load_gif() function in fromgif.c, where a single… New	CWE-416 Use After Free	CVE-2026-33018	2026-04-18 00:38	2026-04-15	Show	GitHub Exploit DB Packet Storm