Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
461	5.4	警告 Network	OpenProject	OpenProject	OpenProjectにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23625	2026-02-4 18:36	2026-01-19	Show	GitHub Exploit DB Packet Storm

462	6.5	警告 Network	OpenProject	OpenProject	OpenProjectにおける誤ったセッションへのデータ要素の漏えいに関する脆弱性	CWE-488 誤ったセッションへのデータ要素の漏えい	CVE-2026-23646	2026-02-4 18:36	2026-01-19	Show	GitHub Exploit DB Packet Storm

463	4.3	警告 Network	OpenProject	OpenProject	OpenProjectにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-23721	2026-02-4 18:36	2026-01-19	Show	GitHub Exploit DB Packet Storm

464	5.3	警告 Network	Linux Foundation	rekor	Linux FoundationのrekorにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-23831	2026-02-4 18:36	2026-01-22	Show	GitHub Exploit DB Packet Storm

465	6.1	警告 Network	Lee Peuker	Movary	Lee PeukerのMovaryにおける複数の脆弱性	CWE-20 CWE-79	CVE-2026-23841	2026-02-4 18:36	2026-01-19	Show	GitHub Exploit DB Packet Storm

466	6.5	警告 Network	The Kyverno Authors	Kyverno	The Kyverno AuthorsのKyvernoにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-23881	2026-02-4 18:36	2026-01-27	Show	GitHub Exploit DB Packet Storm

467	5.9	警告 Network	octoprint.org	OctoPrint	octoprint.orgのOctoPrintにおけるタイミングの違いに起因する情報漏えいに関する脆弱性	CWE-208 タイミングの違いに起因する情報漏えい	CVE-2026-23892	2026-02-4 18:36	2026-01-27	Show	GitHub Exploit DB Packet Storm

468	5.3	警告 Network	joinmastodon	Mastodon	joinmastodonのMastodonにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-23961	2026-02-4 18:36	2026-01-22	Show	GitHub Exploit DB Packet Storm

469	7.5	重要 Network	joinmastodon	Mastodon	joinmastodonのMastodonにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-23962	2026-02-4 18:36	2026-01-22	Show	GitHub Exploit DB Packet Storm

470	6.5	警告 Network	joinmastodon	Mastodon	joinmastodonのMastodonにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-23963	2026-02-4 18:36	2026-01-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
306721	-	persits	aspupload	Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Fi…	NVD-CWE-Other	CVE-2001-0938	2016-10-18 11:13	2001-11-30	Show	GitHub Exploit DB Packet Storm

306722	-	khaled_mardam-bey	mirc	DDE in mIRC allows local users to launch applications under another user's account via a DDE message that executes a command, which may be executed by the other user's process.	NVD-CWE-Other	CVE-2001-0944	2016-10-18 11:13	2001-12-2	Show	GitHub Exploit DB Packet Storm

306723	-	microsoft	outlook_express	Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh allows remote attackers to cause a denial of service via an e-mail message that contains a long line.	NVD-CWE-Other	CVE-2001-0945	2016-10-18 11:13	2001-12-3	Show	GitHub Exploit DB Packet Storm

306724	-	oracle	database_server	Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0.1, when audit functionality, SET_LABEL, or SQL*Predicate is being used, allows local users to gain additional access.	NVD-CWE-Other	CVE-2001-0831	2016-10-18 11:12	2001-12-6	Show	GitHub Exploit DB Packet Storm

306725	-	oracle	database_server	Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log direc…	NVD-CWE-Other	CVE-2001-0832	2016-10-18 11:12	2001-12-6	Show	GitHub Exploit DB Packet Storm

306726	-	ikonboard.com	ikonboard	Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cooki…	NVD-CWE-Other	CVE-2001-0841	2016-10-18 11:12	2001-12-6	Show	GitHub Exploit DB Packet Storm

306727	-	leoboard	lb5000	Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amemberna…	NVD-CWE-Other	CVE-2001-0842	2016-10-18 11:12	2001-12-6	Show	GitHub Exploit DB Packet Storm

306728	-	seth_leonard	book_of_guests post_it	Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter.	NVD-CWE-Other	CVE-2001-0844	2016-10-18 11:12	2001-12-6	Show	GitHub Exploit DB Packet Storm

306729	-	e-zone_media	fuse_talk	join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon (;) in a form variable.	NVD-CWE-Other	CVE-2001-0848	2016-10-18 11:12	2001-12-6	Show	GitHub Exploit DB Packet Storm

306730	-	francisco_burzi	php-nuke	PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.…	NVD-CWE-Other	CVE-2001-0854	2016-10-18 11:12	2001-12-6	Show	GitHub Exploit DB Packet Storm