Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
248741	4.3	警告	IBM	-	IBM Cognos TM1 の TM1 Web におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1046	2012-02-14 14:18	2012-02-10	Show	GitHub Exploit DB Packet Storm

248742	5	警告	Apache Software Foundation	-	Apache Portable Runtime ライブラリの apr_hash.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-0840	2012-02-14 14:17	2012-02-10	Show	GitHub Exploit DB Packet Storm

248743	5	警告	AdaCore	-	AdaCore Ada Web Services におけるサービス運用妨害 (CPU 資源の消費) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-1035	2012-02-13 16:39	2012-01-27	Show	GitHub Exploit DB Packet Storm

248744	6.5	警告	サイベース	-	Sybase M-Business Anywhere の Web 管理インターフェイスにおけるユーザーアカウントをリストアップされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-5078	2012-02-13 16:15	2012-02-8	Show	GitHub Exploit DB Packet Storm

248745	5	警告	INRIA	-	OCaml におけるサービス運用妨害 (CPU 資源の消費) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-0839	2012-02-13 16:13	2012-02-8	Show	GitHub Exploit DB Packet Storm

248746	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer および RealPlayer SP における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-0927	2012-02-13 14:37	2012-02-6	Show	GitHub Exploit DB Packet Storm

248747	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer および RealPlayer SP の RV10 コーデックにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-0926	2012-02-13 14:36	2012-02-6	Show	GitHub Exploit DB Packet Storm

248748	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer および RealPlayer SP における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-0924	2012-02-13 14:34	2012-02-6	Show	GitHub Exploit DB Packet Storm

248749	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer および RealPlayer SP の rvrender.dll における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-0922	2012-02-13 14:32	2012-02-6	Show	GitHub Exploit DB Packet Storm

248750	5.1	警告	ESTsoft Japan 株式会社	-	ALFTP における実行ファイル読み込みに関する脆弱性	CWE-Other その他	CVE-2012-0315	2012-02-13 14:00	2012-02-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1031	6.1	MEDIUM Network	-	-	A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter.	CWE-79 Cross-site Scripting	CVE-2025-56536	2026-05-1 00:48	2026-04-30	Show	GitHub Exploit DB Packet Storm

1032	6.1	MEDIUM Network	-	-	A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual…	CWE-79 Cross-site Scripting	CVE-2025-56537	2026-05-1 00:48	2026-04-30	Show	GitHub Exploit DB Packet Storm

1033	5.3	MEDIUM Network	-	-	Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attacker…	CWE-352 Origin Validation Error	CVE-2018-25298	2026-05-1 00:48	2026-04-30	Show	GitHub Exploit DB Packet Storm

1034	8.4	HIGH Local	-	-	Prime95 29.4b8 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling (SEH) mechanisms. Attackers can inject malici…	CWE-120 Classic Buffer Overflow	CVE-2018-25299	2026-05-1 00:48	2026-04-30	Show	GitHub Exploit DB Packet Storm

1035	6.2	MEDIUM Local	-	-	librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the…	CWE-120 Classic Buffer Overflow	CVE-2018-25305	2026-05-1 00:48	2026-04-30	Show	GitHub Exploit DB Packet Storm

1036	7.3	HIGH Network	-	-	A vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web (MotW) protections. When an archive is downloaded from the internet and e…	CWE-290 Authentication Bypass by Spoofing	CVE-2025-50328	2026-05-1 00:48	2026-04-30	Show	GitHub Exploit DB Packet Storm

1037	9.1	CRITICAL Network	-	-	Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting (sendfile type) to be set by the c…	CWE-200 CWE-441 CWE-913 Information Exposure Confused Deputy Improper Control of Dynamically-Managed Code Resources	CVE-2026-7381	2026-05-1 00:48	2026-04-30	Show	GitHub Exploit DB Packet Storm

1038	-		-	-	Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobster_pro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server a…	CWE-611 XXE	CVE-2024-13971	2026-05-1 00:48	2026-04-30	Show	GitHub Exploit DB Packet Storm

1039	4.0	MEDIUM Local	-	-	Little CMS (lcms2) 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c.	CWE-190 Integer Overflow or Wraparound	CVE-2026-42798	2026-05-1 00:48	2026-04-30	Show	GitHub Exploit DB Packet Storm

1040	4.4	MEDIUM Local	-	-	AgentFlow's local web API accepts non-JSON content types on POST /api/runs and POST /api/runs/validate endpoints without enforcing application/json validation, allowing attackers to bypass trust-boun…	CWE-346 Origin Validation Error	CVE-2026-7439	2026-05-1 00:44	2026-04-30	Show	GitHub Exploit DB Packet Storm