Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
801	5.5	警告 Local	サムスン	Gallery	サムスンのGalleryにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2025-20969	2026-02-2 19:26	2025-05-7	Show	GitHub Exploit DB Packet Storm

802	4.7	警告 Local	Linux	Linux Kernel	LinuxのLinux KernelにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2025-21746	2026-02-2 19:26	2025-02-27	Show	GitHub Exploit DB Packet Storm

803	9.1	緊急 Network	Imagination Technologies Limited	GPU DDK	Imagination Technologies LimitedのGPU DDKにおける誤った領域へのリソースの漏えいに関する脆弱性	CWE-668 誤った領域へのリソースの漏えい	CVE-2025-25176	2026-02-2 19:26	2026-01-13	Show	GitHub Exploit DB Packet Storm

804	7.3	重要 Local	DigitalDruid.Net	HotelDruid	DigitalDruid.NetのHotelDruidにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2025-25748	2026-02-2 19:26	2025-03-11	Show	GitHub Exploit DB Packet Storm

805	7.5	重要 Network	GraphicsMagick	GraphicsMagick	GraphicsMagickにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2025-27795	2026-02-2 19:26	2025-03-7	Show	GitHub Exploit DB Packet Storm

806	9.8	緊急 Network	GraphicsMagick	GraphicsMagick	GraphicsMagickにおける初期化されていないリソースの使用に関する脆弱性	CWE-908 初期化されていないリソースの使用	CVE-2025-27796	2026-02-2 19:26	2025-03-7	Show	GitHub Exploit DB Packet Storm

807	9.1	緊急 Network	GraphicsMagick	GraphicsMagick	GraphicsMagickにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2025-32460	2026-02-2 19:26	2025-04-9	Show	GitHub Exploit DB Packet Storm

808	5.4	警告 Network	MedDream	PACS Server	MedDream UABのPACS Serverにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-36556	2026-02-2 19:26	2026-01-20	Show	GitHub Exploit DB Packet Storm

809	6.5	警告 Network	Hitachi Energy	microscada x sys600	Hitachi Energyのmicroscada x sys600における証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2025-39205	2026-02-2 19:26	2025-06-24	Show	GitHub Exploit DB Packet Storm

810	9.8	緊急 Network	LimeSurvey	LimeSurvey	LimeSurveyにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2025-41375	2026-02-2 19:26	2025-08-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
283291	-	stephen_craton	chatness	admin/options.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier does not check for administrative credentials, which allows remote attackers to read and modify the classes/vars.php and …	NVD-CWE-Other	CVE-2007-2147	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283292	-	stephen_craton	chatness	Direct static code injection vulnerability in admin/save.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier allows remote authenticated administrators to inject PHP code into .html files…	NVD-CWE-Other	CVE-2007-2148	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283293	-	stephen_craton	chatness	Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier stores usernames and unencrypted passwords in (1) classes/vars.php and (2) classes/varstuff.php, and recommends 0666 or 0777 permissions for t…	NVD-CWE-Other	CVE-2007-2149	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283294	-	bluearc	titan	BlueArc-FTPD in BlueArc Titan 2x00 devices with firmware 4.2.944b allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command, a variant of CVE-1999-0017.	NVD-CWE-Other	CVE-2007-2150	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283295	-	atmail	atmail_webmail	Cross-site scripting (XSS) vulnerability in atmail.php in @Mail 5.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter.	NVD-CWE-Other	CVE-2007-2153	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283296	-	phpfaber	topsites	Directory traversal vulnerability in template.php in in phpFaber TopSites 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the modify parameter in a template action to admin/in…	NVD-CWE-Other	CVE-2007-2155	2018-10-17 01:42	2007-04-19	Show	GitHub Exploit DB Packet Storm

283297	-	gnu mozilla	iceweasel firefox	(1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow remote attackers to cause a denial of service (browser crash or system hang) via JavaScript that matches a regular expression against a…	NVD-CWE-Other	CVE-2007-2162	2018-10-17 01:42	2007-04-23	Show	GitHub Exploit DB Packet Storm

283298	-	apple	safari	Apple Safari allows remote attackers to cause a denial of service (browser crash) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.	NVD-CWE-Other	CVE-2007-2163	2018-10-17 01:42	2007-04-23	Show	GitHub Exploit DB Packet Storm

283299	-	kde	konqueror	Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial of service (browser crash or abort) via JavaScript that matches a regular expression against a long string, as demonstrated usin…	NVD-CWE-Other	CVE-2007-2164	2018-10-17 01:42	2007-04-23	Show	GitHub Exploit DB Packet Storm

283300	-	oracle	e-business_suite	The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not check for valid sessions, which allows remote attackers to delete arbitrary nodes. NOTE: due to lack of details from Oracle, it i…	NVD-CWE-Other	CVE-2007-2170	2018-10-17 01:42	2007-04-25	Show	GitHub Exploit DB Packet Storm