Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254261	9.3	危険	レッドハットリアルネットワークス	-	Realnetworks RealPlayer におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4248	2010-02-17 11:48	2010-01-19	Show	GitHub Exploit DB Packet Storm

254262	9.3	危険	リアルネットワークス	-	Realnetworks RealPlayer における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4246	2010-02-17 11:48	2010-01-19	Show	GitHub Exploit DB Packet Storm

254263	9.3	危険	レッドハットリアルネットワークス	-	Realnetworks RealPlayer の smlrender.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4257	2010-02-17 11:48	2010-01-19	Show	GitHub Exploit DB Packet Storm

254264	9.3	危険	レッドハットリアルネットワークス	-	Realnetworks RealPlayer におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4245	2010-02-17 11:48	2010-01-19	Show	GitHub Exploit DB Packet Storm

254265	9.3	危険	リアルネットワークス	-	Realnetworks RealPlayer における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4244	2010-02-17 11:48	2010-01-19	Show	GitHub Exploit DB Packet Storm

254266	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer の DLL ファイルにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-0376	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

254267	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer の DLL ファイルにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-0375	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

254268	9.3	危険	リアルネットワークス	-	Realnetworks RealPlayer における HTTP のチャンク転送コーディングの処理に関する脆弱性	CWE-119 バッファエラー	CVE-2009-4243	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

254269	9.3	危険	レッドハットリアルネットワークス	-	Realnetworks RealPlayer における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4242	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

254270	9.3	危険	リアルネットワークス	-	Realnetworks RealPlayer における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4241	2010-02-17 11:46	2010-01-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3621	7.5	HIGH Network	powerdns	dnsdist	A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released unt…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-33594	2026-04-25 01:48	2026-04-22	Show	GitHub Exploit DB Packet Storm

3622	8.8	HIGH Local	nsa	emissary	Emissary is a P2P based data-driven workflow engine. In versions 8.42.0 and below, Executrix.getCommand() is vulnerable to OS command injection because it interpolates temporary file paths into a /b…	CWE-78 CWE-116 OS Command Improper Encoding or Escaping of Output	CVE-2026-35582	2026-04-25 01:48	2026-04-18	Show	GitHub Exploit DB Packet Storm

3623	8.3	HIGH Network	wwbn	avideo	WWBN AVideo is an open source video platform. In versions 29.0 and prior, `objects/configurationUpdate.json.php` (also routed via `/updateConfig`) persists dozens of global site settings from `$_POST…	CWE-352 Origin Validation Error	CVE-2026-40925	2026-04-25 01:46	2026-04-22	Show	GitHub Exploit DB Packet Storm

3624	5.7	MEDIUM Network	oracle	peoplesoft_enterprise_cs_student_records	Vulnerability in the PeopleSoft Enterprise CS Student Records product of Oracle PeopleSoft (component: Research Tracking). The supported version that is affected is 9.2. Easily exploitable vulnerab…	CWE-284 Improper Access Control	CVE-2026-35241	2026-04-25 01:44	2026-04-22	Show	GitHub Exploit DB Packet Storm

3625	7.8	HIGH Local	oracle	application_development_framework	Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. E…	CWE-284 Improper Access Control	CVE-2026-35243	2026-04-25 01:43	2026-04-22	Show	GitHub Exploit DB Packet Storm

3626	9.1	CRITICAL Network	oracle	enterprise_manager_base_platform	Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Event Management). Supported versions that are affected are 13.5 and 24.1. Easily explo…	CWE-306 Missing Authentication for Critical Function	CVE-2026-34279	2026-04-25 01:43	2026-04-22	Show	GitHub Exploit DB Packet Storm

3627	6.0	MEDIUM Local	oracle	graalvm jdk jre	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; …	CWE-400 Uncontrolled Resource Consumption	CVE-2026-22003	2026-04-25 01:42	2026-04-22	Show	GitHub Exploit DB Packet Storm

3628	4.4	MEDIUM Local	libjxl_project	libjxl	A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory. This can be done by causing the decoder to reference an outside-image-bound area in …	CWE-908 Use of Uninitialized Resource	CVE-2025-12474	2026-04-25 01:42	2026-02-12	Show	GitHub Exploit DB Packet Storm

3629	4.4	MEDIUM Local	libjxl_project	libjxl	Un archivo especialmente diseñado puede provocar que el decodificador de libjxl lea datos de píxeles de memoria no inicializada (pero asignada). Esto se puede lograr al provocar que el decodificador…	CWE-908 Use of Uninitialized Resource	CVE-2025-12474	2026-04-25 01:42	2026-02-12	Show	GitHub Exploit DB Packet Storm

3630	9.6	CRITICAL Network	google	chrome	Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…	CWE-416 Use After Free	CVE-2026-6919	2026-04-25 01:39	2026-04-24	Show	GitHub Exploit DB Packet Storm