Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
951	5.4	警告 Network	nintex	Nintex Automation	nintexのNintex Automationにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-27924	2026-02-2 19:20	2025-03-10	Show	GitHub Exploit DB Packet Storm

952	9.8	緊急 Network	nintex	Nintex Automation	nintexのNintex Automationにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2025-27925	2026-02-2 19:20	2025-03-10	Show	GitHub Exploit DB Packet Storm

953	5.3	警告 Network	nintex	Nintex Automation	nintexのNintex Automationにおける複数の脆弱性	CWE-276 CWE-522	CVE-2025-27926	2026-02-2 19:19	2025-03-10	Show	GitHub Exploit DB Packet Storm

954	8.8	重要 Network	NVIDIA	TAO Toolkit	NVIDIAのTAO Toolkitにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2025-33208	2026-02-2 19:19	2025-12-3	Show	GitHub Exploit DB Packet Storm

955	9.8	緊急 Network	Qode Interactive	Dor	Qode InteractiveのWordPress用DorにおけるPHP リモートファイルインクルージョンの脆弱性	CWE-98 PHP リモートファイルインクルージョン	CVE-2025-39466	2026-02-2 19:19	2025-11-6	Show	GitHub Exploit DB Packet Storm

956	9.8	緊急 Network	Qode Interactive	Wanderland	Qode InteractiveのWordPress用Wanderlandにおけるパストラバーサルの脆弱性	CWE-35 パストラバーサル	CVE-2025-39467	2026-02-2 19:19	2025-11-6	Show	GitHub Exploit DB Packet Storm

957	8.1	重要 Network	Qode Interactive	Backpack Traveler	Qode InteractiveのWordPress用Backpack TravelerにおけるPHP リモートファイルインクルージョンの脆弱性	CWE-98 PHP リモートファイルインクルージョン	CVE-2025-39490	2026-02-2 19:19	2025-05-23	Show	GitHub Exploit DB Packet Storm

958	9.8	緊急 Network	Qode Interactive	Wilmer	Qode InteractiveのWordPress用WilmerにおけるPHP リモートファイルインクルージョンの脆弱性	CWE-98 PHP リモートファイルインクルージョン	CVE-2025-39494	2026-02-2 19:19	2025-05-23	Show	GitHub Exploit DB Packet Storm

959	6.1	警告 Network	IDI Eikon	Governalia	IDI EikonのGovernaliaにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-40700	2026-02-2 19:19	2025-12-2	Show	GitHub Exploit DB Packet Storm

960	6.5	警告 Network	GAMS	access control system	GAMSのaccess control systemにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2025-41086	2026-02-2 19:19	2025-12-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
307071	-	sun	j2se	Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file.	NVD-CWE-Other	CVE-2005-0836	2016-10-18 12:15	2005-05-2	Show	GitHub Exploit DB Packet Storm

307072	-	kayako	esupport	Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) _i or (2) _c parameter.	NVD-CWE-Other	CVE-2005-0842	2016-10-18 12:15	2005-05-2	Show	GitHub Exploit DB Packet Storm

307073	-	phorum	phorum	CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location hea…	NVD-CWE-Other	CVE-2005-0843	2016-10-18 12:15	2005-05-2	Show	GitHub Exploit DB Packet Storm

307074	-	-	-	Directory traversal vulnerability in the Webmail interface in SurgeMail 2.2g3 allows remote authenticated users to write arbitrary files or directories via a .. (dot dot) in the attach_id parameter.	NVD-CWE-Other	CVE-2005-0845	2016-10-18 12:15	2005-05-2	Show	GitHub Exploit DB Packet Storm

307075	-	netwin	surgemail	Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2)…	NVD-CWE-Other	CVE-2005-0846	2016-10-18 12:15	2005-05-2	Show	GitHub Exploit DB Packet Storm

307076	-	bosanova ibm mochasoft powerterm	launcher400 client_access tn5250 interconnect	AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to e…	NVD-CWE-Other	CVE-2005-0868	2016-10-18 12:15	2005-05-2	Show	GitHub Exploit DB Packet Storm

307077	-	oracle	10g_reports_server	Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4.3.3) allow remote attackers to inject arbitrary web script or HTML via the (1) desname or (2) reppr…	NVD-CWE-Other	CVE-2005-0873	2016-10-18 12:15	2005-05-2	Show	GitHub Exploit DB Packet Storm

307078	-	cerulean_studios	trillian	Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP …	NVD-CWE-Other	CVE-2005-0874	2016-10-18 12:15	2005-05-2	Show	GitHub Exploit DB Packet Storm

307079	-	cerulean_studios	trillian	Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response heade…	NVD-CWE-Other	CVE-2005-0875	2016-10-18 12:15	2005-05-2	Show	GitHub Exploit DB Packet Storm

307080	-	smail	smail	Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.	NVD-CWE-Other	CVE-2005-0892	2016-10-18 12:15	2005-03-28	Show	GitHub Exploit DB Packet Storm