Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249641 9 危険 マイクロソフト
VMware		 - Microsoft SQL Server のバックアップファイルのレコードサイズに関するバッファオーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2008-0107 2011-03-4 10:37 2008-07-8 Show GitHub Exploit DB Packet Storm
249642 9 危険 マイクロソフト
VMware		 - Microsoft SQL Server の SQL データ型の処理に関するバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0086 2011-03-4 10:35 2008-07-8 Show GitHub Exploit DB Packet Storm
249643 5 警告 マイクロソフト
VMware		 - Microsoft SQL Server のメモリ再配置の際メモリページを初期化しない脆弱性 CWE-200
情報漏えい 		CVE-2008-0085 2011-03-4 10:34 2008-07-8 Show GitHub Exploit DB Packet Storm
249644 9 危険 マイクロソフト
VMware		 - Microsoft SQL Server の sp_replwritetovarbin 拡張ストアド プロシージャの処理における脆弱性 CWE-119
バッファエラー 		CVE-2008-5416 2011-03-4 10:33 2008-12-25 Show GitHub Exploit DB Packet Storm
249645 9.3 危険 Sielco Sistemi - Sielco Sistemi Winlog にバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-0517 2011-03-3 16:57 2011-02-7 Show GitHub Exploit DB Packet Storm
249646 9.3 危険 Moxa Inc. - MOXA Device Manager MDM Tool にバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-4741 2011-03-3 16:54 2011-02-7 Show GitHub Exploit DB Packet Storm
249647 9.3 危険 SCADA Engine - SCADA Engine BACnet OPC Client におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-4740 2011-03-3 16:51 2011-02-7 Show GitHub Exploit DB Packet Storm
249648 5 警告 Majordomo 2 - Majordomo 2 におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-0049 2011-03-3 16:47 2011-02-7 Show GitHub Exploit DB Packet Storm
249649 7.6 危険 Automated Solutions, Inc - Automated Solutions Modbus/TCP Master OPC Server におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-4709 2011-03-3 16:32 2011-02-7 Show GitHub Exploit DB Packet Storm
249650 10 危険 シスコシステムズ - Cisco Tandberg E, EX および C Series における root アカウントのデフォルト認証情報の問題 CWE-255
証明書・パスワード管理 		CVE-2011-0354 2011-03-3 16:28 2011-02-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
521 - - - Improper input validation, Improper verification of cryptographic signature vulnerability in XQUIC Project XQUIC xquic on Linux (QUIC protocol implementation, packet processing module, STREAM frame h… CWE-20
CWE-347
 Improper Input Validation 
 Improper Verification of Cryptographic Signature 		CVE-2026-6328 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
522 7.8 HIGH
Local 		- - libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in loa… CWE-416
 Use After Free 		CVE-2026-33023 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
523 - - - Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the… CWE-78
OS Command  		CVE-2026-33414 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
524 3.5 LOW
Physics 		- - OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-i… CWE-384
CWE-613
 Session Fixation
 Insufficient Session Expiration 		CVE-2026-34454 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
525 9.1 CRITICAL
Network 		- - OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions prior to 7.15.2 contain a configuration-dependent authentication bypass in deployments where OAuth2 Proxy… CWE-290
 Authentication Bypass by Spoofing 		CVE-2026-34457 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
526 9.9 CRITICAL
Network 		- - Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the subtitle upload endpoint (POST /Videos/{itemId}/Subtitles), where the Format field … CWE-20
CWE-22
CWE-187
 Improper Input Validation 
Path Traversal
 Partial String Comparison 		CVE-2026-35031 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
527 5.4 MEDIUM
Network 		- - Stored cross-site scripting vulnerability exists in GROWI v7.4.6 and earlier. If this vulnerability is exploited, an arbitrary script may be executed in a user's web browser. CWE-79
Cross-site Scripting 		CVE-2026-26291 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
528 7.5 HIGH
Network 		- - Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved. CWE-670
 Always-Incorrect Control Flow Implementation 		CVE-2026-40719 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
529 7.5 HIGH
Network 		- - Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts. The _make_salt and _make_salt_bcrypt methods will attept to load Crypt::URandom and then Bytes::… CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2026-5088 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm
530 - - - Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the LiveTV M3U tuner endpoint (POST /LiveTv/TunerHosts), where the tuner URL is not val… CWE-73
CWE-918
 External Control of File Name or Path
Server-Side Request Forgery (SSRF)  		CVE-2026-35032 2026-04-18 00:38 2026-04-15 Show GitHub Exploit DB Packet Storm