Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251641	10	危険	The PHP Group	-	PHP の crypt 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-3268	2011-09-15 13:41	2011-08-25	Show	GitHub Exploit DB Packet Storm

251642	5	警告	The PHP Group	-	PHP の error_log 関数におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3267	2011-09-15 13:40	2011-08-25	Show	GitHub Exploit DB Packet Storm

251643	4.3	警告	The PHP Group	-	PHP の crypt 関数における認証を回避される脆弱性	CWE-310 暗号の問題	CVE-2011-3189	2011-09-15 13:40	2011-08-25	Show	GitHub Exploit DB Packet Storm

251644	7.4	危険	シトリックス・システムズレッドハット	-	Xen におけるホスト OS の権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1898	2011-09-15 13:38	2011-08-12	Show	GitHub Exploit DB Packet Storm

251645	5.1	警告	レッドハット	-	foomatic-gui その他の製品で使用される pysmb.py における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-2899	2011-09-15 13:37	2011-08-23	Show	GitHub Exploit DB Packet Storm

251646	5	警告	The PHP Group	-	PHP の addGlob および addPattern 関数におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1657	2011-09-14 10:52	2011-08-25	Show	GitHub Exploit DB Packet Storm

251647	5	警告	Zabbix	-	Zabbix における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-3264	2011-09-14 10:50	2011-08-19	Show	GitHub Exploit DB Packet Storm

251648	5	警告	Zabbix	-	Zabbix の zabbix_agentd におけるサービス運用妨害 (CPU 資源の消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3263	2011-09-14 10:49	2011-08-19	Show	GitHub Exploit DB Packet Storm

251649	4.3	警告	Zabbix	-	Zabbix の acknow.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-2904	2011-09-14 10:48	2011-08-19	Show	GitHub Exploit DB Packet Storm

251650	5.4	警告	Squid-cache.org インターネットイニシアティブ	-	透過型プロキシサーバが HTTP の Host ヘッダに依存して接続を行う問題	CWE-264 認可・権限・アクセス制御	CVE-2009-0801	2011-09-14 10:47	2009-02-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3521	7.5	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, /api/v1/public-chatbotConfig/:id ep exposes sensitive data including API keys, HTTP authorizat…	CWE-200 CWE-522 CWE-862 Information Exposure Insufficiently Protected Credentials Missing Authorization	CVE-2026-41266	2026-04-25 11:16	2026-04-24	Show	GitHub Exploit DB Packet Storm

3522	5.9	MEDIUM Network	-	-	@node-oauth/oauth2-server is a module for implementing an OAuth2 server in Node.js. The token exchange path accepts RFC7636-invalid code_verifier values (including one-character strings) for S256 PKC…	CWE-307 CWE-1289 mproper Restriction of Excessive Authentication Attempts Improper Validation of Unsafe Equivalence in Input	CVE-2026-41213	2026-04-25 11:16	2026-04-24	Show	GitHub Exploit DB Packet Storm

3523	7.5	HIGH Network	p11-kit_project redhat	p11-kit hardened_images enterprise_linux	A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters se…	CWE-824 Access of Uninitialized Pointer	CVE-2026-2100	2026-04-25 11:16	2026-03-27	Show	GitHub Exploit DB Packet Storm

3524	7.5	HIGH Network	p11-kit_project redhat	p11-kit hardened_images enterprise_linux	Se encontró una falla en p11-kit. Un atacante remoto podría explotar esta vulnerabilidad al llamar a la función C_DeriveKey en un token remoto con parámetros específicos del mecanismo de derivación I…	CWE-824 Access of Uninitialized Pointer	CVE-2026-2100	2026-04-25 11:16	2026-03-27	Show	GitHub Exploit DB Packet Storm

3525	7.8	HIGH Local	-	-	A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a si…	CWE-427 Uncontrolled Search Path Element	CVE-2025-14821	2026-04-25 09:16	2026-04-8	Show	GitHub Exploit DB Packet Storm

3526	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2026-6175	2026-04-25 08:16	2026-04-25	Show	GitHub Exploit DB Packet Storm

3527	6.5	MEDIUM Network	-	-	The API function `ssh_get_hexa()` is vulnerable, when 0-lenght input is provided to this function. This function is used internally in `ssh_get_fingerprint_hash()` and `ssh_print_hexa()` (deprecated)…	CWE-124 Buffer Underflow	CVE-2026-0966	2026-04-25 08:16	2026-03-27	Show	GitHub Exploit DB Packet Storm

3528	6.5	MEDIUM Network	-	-	La función API 'ssh_get_hexa()' es vulnerable cuando se proporciona una entrada de longitud 0 a esta función. Esta función se utiliza internamente en 'ssh_get_fingerprint_hash()' y 'ssh_print_hexa()'…	CWE-124 Buffer Underflow	CVE-2026-0966	2026-04-25 08:16	2026-03-27	Show	GitHub Exploit DB Packet Storm

3529	3.7	LOW Network	-	-	A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially cr…	CWE-190 Integer Overflow or Wraparound	CVE-2026-0988	2026-04-25 06:16	2026-01-21	Show	GitHub Exploit DB Packet Storm

3530	3.7	LOW Network	-	-	Se encontró una vulnerabilidad en glib. La falta de validación de los parámetros offset y count en la función g_buffered_input_stream_peek() puede conducir a un desbordamiento de entero durante el cá…	CWE-190 Integer Overflow or Wraparound	CVE-2026-0988	2026-04-25 06:16	2026-01-21	Show	GitHub Exploit DB Packet Storm