Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227131 6 警告 taskfreak - TaskFreak! の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0270 2012-12-20 18:34 2008-01-15 Show GitHub Exploit DB Packet Storm
227132 6.8 警告 wavelink media - TutorialCMS の activate.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0254 2012-12-20 18:34 2008-01-15 Show GitHub Exploit DB Packet Storm
227133 5 警告 php webquest - PHP Webquest におけるデータベースの資格情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-0249 2012-12-20 18:34 2008-01-11 Show GitHub Exploit DB Packet Storm
227134 9.3 危険 streamaudio - StreamAudio ChainCast ProxyManager の ccpm_0237.dll におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0248 2012-12-20 18:34 2008-01-11 Show GitHub Exploit DB Packet Storm
227135 10 危険 uploadscript - UploadScript の admin.php における管理者の権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0246 2012-12-20 18:34 2008-01-11 Show GitHub Exploit DB Packet Storm
227136 7.5 危険 uploadscript - UploadImage の admin.php における管理者の権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-0245 2012-12-20 18:34 2008-01-11 Show GitHub Exploit DB Packet Storm
227137 10 危険 SAP - SAP MaxDB における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0244 2012-12-20 18:34 2008-01-11 Show GitHub Exploit DB Packet Storm
227138 5.8 警告 サン・マイクロシステムズ - Sun Java System Identity Manager の /idm/user/login.jsp におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2008-0241 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
227139 4.3 警告 サン・マイクロシステムズ - Sun Java System Identity Manager の /idm/help/index.jsp におけるフィッシング攻撃を実行される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0240 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
227140 4.3 警告 サン・マイクロシステムズ - Sun Java System Identity Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0239 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
851 5.3 MEDIUM
Network 		- - @astrojs/node allows Astro to deploy your SSR site to Node targets. Prior to 10.0.5, requesting a static js/css resources from _astro path with an incorrect/malformed if-match header returns a 500 er… Update CWE-525
 Use of Web Browser Cache Containing Sensitive Information 		CVE-2026-41322 2026-04-28 03:53 2026-04-25 Show GitHub Exploit DB Packet Storm
852 - - - SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, the fix for CVE-2026-30869 only added a denylist check (IsSensitivePath) but did not address the root cause — a redundan… Update CWE-22
Path Traversal 		CVE-2026-41894 2026-04-28 03:53 2026-04-25 Show GitHub Exploit DB Packet Storm
853 8.8 HIGH
Local 		- - SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, SiYuan desktop renders notification messages as raw HTML inside an Electron renderer. The notification route POST /api/n… Update CWE-78
CWE-79
OS Command 
Cross-site Scripting 		CVE-2026-41421 2026-04-28 03:53 2026-04-25 Show GitHub Exploit DB Packet Storm
854 8.4 HIGH
Local 		- - Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attacker… Update CWE-120
Classic Buffer Overflow 		CVE-2018-25263 2026-04-28 03:53 2026-04-27 Show GitHub Exploit DB Packet Storm
855 6.2 MEDIUM
Local 		- - Faleemi Plus 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can paste a 2000-byte payload into the… Update CWE-120
Classic Buffer Overflow 		CVE-2018-25275 2026-04-28 03:53 2026-04-27 Show GitHub Exploit DB Packet Storm
856 6.2 MEDIUM
Local 		- - Bome Restorator 1793 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can create a ma… Update CWE-120
Classic Buffer Overflow 		CVE-2018-25292 2026-04-28 03:53 2026-04-27 Show GitHub Exploit DB Packet Storm
857 6.2 MEDIUM
Local 		- - Prime95 29.4b7 contains a buffer overflow vulnerability in the PrimeNet connection dialog that allows local attackers to crash the application by supplying an excessively long string in the optional … Update CWE-120
Classic Buffer Overflow 		CVE-2018-25293 2026-04-28 03:53 2026-04-27 Show GitHub Exploit DB Packet Storm
858 7.5 HIGH
Network 		- - CEWE Photoshow 6.3.4 contains a buffer overflow vulnerability in the login dialog that allows attackers to crash the application by submitting oversized input. Attackers can inject 4000 bytes of data… Update CWE-120
Classic Buffer Overflow 		CVE-2018-25294 2026-04-28 03:53 2026-04-27 Show GitHub Exploit DB Packet Storm
859 6.2 MEDIUM
Local 		- - ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the IP input field. Attackers … Update CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2018-25295 2026-04-28 03:53 2026-04-27 Show GitHub Exploit DB Packet Storm
860 5.5 MEDIUM
Local 		- - P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input strin… Update CWE-120
Classic Buffer Overflow 		CVE-2018-25296 2026-04-28 03:53 2026-04-27 Show GitHub Exploit DB Packet Storm