Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
291 9.8 緊急
Network 		マイクロソフト Azure Logic Apps Azure Logic Apps Elevation of Privilege Vulnerability CWE-22
パス・トラバーサル 		CVE-2026-21227 2026-02-5 15:44 2026-01-22 Show GitHub Exploit DB Packet Storm
292 6.1 警告
Network 		マイクロソフト Microsoft Account Microsoft Account Spoofing Vulnerability CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-21264 2026-02-5 15:44 2026-01-22 Show GitHub Exploit DB Packet Storm
293 7.4 重要
Network 		マイクロソフト Azure Data Explorer Azure Data Explorer Information Disclosure Vulnerability CWE-200
情報漏えい 		CVE-2026-21524 2026-02-5 15:44 2026-01-22 Show GitHub Exploit DB Packet Storm
294 6.1 警告
Network 		Aquq Platform Revive Adserver Aquq PlatformのRevive Adserverにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-21663 2026-02-5 15:44 2026-01-20 Show GitHub Exploit DB Packet Storm
295 6.1 警告
Network 		Aquq Platform Revive Adserver Aquq PlatformのRevive Adserverにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-21664 2026-02-5 15:44 2026-01-20 Show GitHub Exploit DB Packet Storm
296 9.8 緊急
Network 		Anysphere Cursor AnysphereのCursorにおける複数の脆弱性 CWE-15
CWE-269
CWE-74
CWE-77
CWE-77
CWE-78
CWE-94
CVE-2026-22708 2026-02-5 15:44 2026-01-14 Show GitHub Exploit DB Packet Storm
297 6.1 警告
Local 		openCryptoki Project openCryptoki openCryptoki ProjectのopenCryptokiにおけるバッファサイズの計算の誤りに関する脆弱性 CWE-131
正しくないバッファサイズ計算 		CVE-2026-22791 2026-02-5 15:44 2026-01-13 Show GitHub Exploit DB Packet Storm
298 9.8 緊急
Network 		cal cal.com calのcal.comにおける複数の脆弱性 CWE-602
CWE-639
CVE-2026-23478 2026-02-5 15:44 2026-01-13 Show GitHub Exploit DB Packet Storm
299 7.8 重要
Local 		- sumatrapdfreaderのSumatra PDFにおける信頼できない検索パスに関する脆弱性 Fix CWE-426 Untrusted Search Path for notepad.exe  sumatrapdfreader/sumatrapdf@2762e02  GitHub
CWE-426
CVE-2026-23512 2026-02-5 15:44 2026-01-14 Show GitHub Exploit DB Packet Storm
300 6.1 警告
Network 		Lee Peuker Movary Lee PeukerのMovaryにおける複数の脆弱性 CWE-20
CWE-79
CVE-2026-23839 2026-02-5 15:44 2026-01-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314081 - imatix xitami Imatix Xitami 2.5 b5 does not properly terminate certain Keep-Alive connections that have been broken or closed early, which allows remote attackers to cause a denial of service (crash) via a large n… NVD-CWE-Other
CVE-2002-1942 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
314082 - safetp safetp_server SafeTP 1.46, when network address translation (NAT) is being used, leaks the internal IP address of the FTP server in a response to a passive mode (PASV) file transfer request. NVD-CWE-Other
CVE-2002-1943 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
314083 - motorola surfboard Motorola Surfboard 4200 cable modem allows remote attackers to cause a denial of service (crash) by performing a SYN scan using a tool such as nmap. NVD-CWE-Other
CVE-2002-1944 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
314084 - virtualzone smartmail_server Buffer overflow in SmartMail Server 1.0 Beta 10 allows remote attackers to cause a denial of service (crash) via a long request to (1) TCP port 25 (SMTP) or (2) TCP port 110 (POP3). NVD-CWE-Other
CVE-2002-1945 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
314085 - webmin webmin Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session. NVD-CWE-Other
CVE-2002-1947 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
314086 - gringotts gringotts Multiple buffer overflows in Gringotts 0.5.9 allows local users to execute arbitrary commands via unknown attack vectors. NVD-CWE-Other
CVE-2002-1948 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
314087 - phprank phprank Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) the email parameter of add.php or (2) the banner URL (banurl paramet… NVD-CWE-Other
CVE-2002-1950 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
314088 - phprank phprank phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occu… NVD-CWE-Other
CVE-2002-1952 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
314089 - aol instant_messenger Heap-based buffer overflow in the goim handler of AOL Instant Messenger (AIM) 4.4 through 4.8.2616 allows remote attackers to cause a denial of service (crash) via escaping of the screen name paramet… NVD-CWE-Other
CVE-2002-1953 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm
314090 - php php Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the query string argument, as demonstrated using soinf… NVD-CWE-Other
CVE-2002-1954 2008-09-6 05:31 2002-12-31 Show GitHub Exploit DB Packet Storm