Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227261	7.6	危険	quark	-	Windows 用の QuarkXPress におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-3678	2012-12-20 18:33	2007-07-11	Show	GitHub Exploit DB Packet Storm

227262	6.9	警告	シマンテック	-	Symantec AntiVirus Corporate Edition などに同梱されている Symantec symtdi.sys における権限を取得される脆弱性	-	CVE-2007-3673	2012-12-20 18:33	2007-07-11	Show	GitHub Exploit DB Packet Storm

227263	7.5	危険	シマンテック	-	Symantec Norton Ghost の RemoteCommand.DLL におけるバッファオーバーフローの脆弱性	-	CVE-2007-3666	2012-12-20 18:33	2007-07-10	Show	GitHub Exploit DB Packet Storm

227264	5	警告	シマンテック	-	Symantec Norton Ghost の FileBackup.DLL におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3665	2012-12-20 18:33	2007-07-10	Show	GitHub Exploit DB Packet Storm

227265	7.5	危険	Wafer	-	Webmatic における SQL インジェクションの脆弱性	-	CVE-2007-3648	2012-12-20 18:33	2007-07-10	Show	GitHub Exploit DB Packet Storm

227266	10	危険	ZoneO-soft	-	phpTrafficA の Php/login.inc.php における認証を回避される脆弱性	-	CVE-2007-3647	2012-12-20 18:33	2007-07-10	Show	GitHub Exploit DB Packet Storm

227267	4	警告	WordPress.org	-	WordPress における重要な情報を取得される脆弱性	-	CVE-2007-3639	2012-12-20 18:33	2007-07-9	Show	GitHub Exploit DB Packet Storm

227268	6	警告	Yahoo!	-	Yahoo! Messenger におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-3638	2012-12-20 18:33	2007-07-9	Show	GitHub Exploit DB Packet Storm

227269	7.5	危険	SquirrelMail Project	-	Squirrelmail 用の GPG Plugin における任意のコマンドを実行される脆弱性	-	CVE-2007-3636	2012-12-20 18:33	2007-07-9	Show	GitHub Exploit DB Packet Storm

227270	4.3	警告	SquirrelMail Project	-	Squirrelmail 用の GPG Plugin における特定のコマンドを挿入される脆弱性	CWE-noinfo 情報不足	CVE-2007-3635	2012-12-20 18:33	2007-07-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 28, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
631	8.8	HIGH Network	cps-it	mailqueue	La extensión no define correctamente las clases permitidas utilizadas al deserializar metadatos de fallo de transporte. Un atacante puede explotar esto para ejecutar código serializado no confiable. … New	CWE-502 Deserialization of Untrusted Data	CVE-2026-1323	2026-04-26 03:37	2026-03-17	Show	GitHub Exploit DB Packet Storm

632	9.4	CRITICAL Network	dgraph	dgraph	Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where the /debug/pprof/cmdline endpoint is registered o… Update	CWE-200 CWE-215 CWE-522 Information Exposure Insertion of Sensitive Information Into Debugging Code Insufficiently Protected Credentials	CVE-2026-40173	2026-04-26 03:27	2026-04-16	Show	GitHub Exploit DB Packet Storm

633	7.8	HIGH Local	getcomposer	composer	Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::generateP4Command() method, which constructs she… Update	CWE-20 CWE-78 Improper Input Validation OS Command	CVE-2026-40176	2026-04-26 03:24	2026-04-16	Show	GitHub Exploit DB Packet Storm

634	6.1	MEDIUM Network	apostrophecms	apostrophecms sanitize-html	ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasse… Update	CWE-79 Cross-site Scripting	CVE-2026-40186	2026-04-26 03:15	2026-04-16	Show	GitHub Exploit DB Packet Storm

635	8.8	HIGH Network	getcomposer	composer	Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::syncCodeBase() method, which appends the $source… Update	CWE-20 CWE-78 Improper Input Validation OS Command	CVE-2026-40261	2026-04-26 03:12	2026-04-16	Show	GitHub Exploit DB Packet Storm

636	8.1	HIGH Network	hashicorp	vault	An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulne… Update	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-3605	2026-04-26 03:08	2026-04-17	Show	GitHub Exploit DB Packet Storm

637	9.8	CRITICAL Network	hcltech	aion	HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise. New	CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax	CVE-2025-52660	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm

638	9.8	CRITICAL Network	hcltech	aion	HCL AION está afectado por una vulnerabilidad de carga de archivos sin restricciones. Esto puede permitir cargas de archivos maliciosos, lo que podría resultar en ejecución de código no autorizada o … New	CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax	CVE-2025-52660	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm

639	5.3	MEDIUM Network	hcltech	aion	HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibili… New	CWE-693 Protection Mechanism Failure	CVE-2025-55249	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm

640	5.3	MEDIUM Network	hcltech	aion	HCL AION está afectado por una vulnerabilidad de encabezados de respuesta de seguridad faltantes. La ausencia de encabezados de seguridad estándar puede debilitar la postura de seguridad general de l… New	CWE-693 Protection Mechanism Failure	CVE-2025-55249	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm