Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 29, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227611	7.5	危険	pixaria	-	Pixaria Gallery の resources/includes/class.Smarty.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2457	2012-12-20 18:19	2007-04-15	Show	GitHub Exploit DB Packet Storm

227612	2.1	注意	CollabNet, Inc.	-	Subversion における重要な情報 (プロパティの改定) を取得される脆弱性	-	CVE-2007-2448	2012-12-20 18:19	2007-06-14	Show	GitHub Exploit DB Packet Storm

227613	6.8	警告	tecnick.com	-	TCExam の shared/config/tce_config.php におけるクロスサイトスクリプティング攻撃 (XSS) を実行される脆弱性	-	CVE-2007-2431	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

227614	7.8	危険	tecnick.com	-	TCExam の shared/code/tce_tmx.php における cache/ 配下の任意の PHP ファイルを作成される脆弱性	-	CVE-2007-2430	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

227615	7.5	危険	pnflashgames	-	PostNuke 用の pnFlashGames モジュールの index.php における SQL インジェクションの脆弱性	-	CVE-2007-2427	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

227616	7.5	危険	wildbits	-	WordPress 用の myGallery プラグインにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2426	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

227617	7.5	危険	the merchant project	-	themerchant の help/index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2424	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

227618	10	危険	RSAセキュリティ Progress Software Corporation	-	複数の RSA 製品で使用される Progress Software Progress および OpenEdge におけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-2417	2012-12-20 18:19	2007-07-15	Show	GitHub Exploit DB Packet Storm

227619	5	警告	pi3web	-	Pi3Web Web Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2007-2415	2012-12-20 18:19	2007-05-1	Show	GitHub Exploit DB Packet Storm

227620	4	警告	Samba Project	-	Apple Mac OS X 上で稼動している Samba サーバにおける割り当てを超えるディスクスペースを使用される脆弱性	-	CVE-2007-2407	2012-12-20 18:19	2007-07-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
991	3.7	LOW Network	-	-	Se encontró una vulnerabilidad en glib. La falta de validación de los parámetros offset y count en la función g_buffered_input_stream_peek() puede conducir a un desbordamiento de entero durante el cá…	CWE-190 Integer Overflow or Wraparound	CVE-2026-0988	2026-04-25 06:16	2026-01-21	Show	GitHub Exploit DB Packet Storm

992	6.5	MEDIUM Network	linuxfoundation	tekton_pipelines	Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 1.0.0 to 1.10.0, the Tekton Pipelines git resolver in API mode sends the system-configured Git API toke…	CWE-201 NVD-CWE-noinfo Insertion of Sensitive Information Into Sent Data	CVE-2026-40161	2026-04-25 05:55	2026-04-22	Show	GitHub Exploit DB Packet Storm

993	7.5	HIGH Network	signalk	signal_k_server	Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.25.0 are vulnerable to an unauthenticated Regular Expression Denial of Service (ReDoS) attack within …	CWE-400 CWE-1333 Uncontrolled Resource Consumption Inefficient Regular Expression Complexity	CVE-2026-39320	2026-04-25 05:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

994	7.1	HIGH Local	craigjbass	clearancekit	ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Si…	CWE-863 Incorrect Authorization	CVE-2026-40599	2026-04-25 05:50	2026-04-22	Show	GitHub Exploit DB Packet Storm

995	4.4	MEDIUM Local	craigjbass	clearancekit	ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.6, the opfilter Endpoint Security system extension (bundle ID uk.craigbass.clearancek…	CWE-693 Protection Mechanism Failure	CVE-2026-40604	2026-04-25 05:49	2026-04-22	Show	GitHub Exploit DB Packet Storm

996	8.8	HIGH Network	goshs	goshs	goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs contains an SFTP root escape caused by prefix-based path validation. An authenticated SFTP user can read from and write to file…	CWE-22 Path Traversal	CVE-2026-40876	2026-04-25 05:38	2026-04-22	Show	GitHub Exploit DB Packet Storm

997	5.5	MEDIUM Local	hkuds	openharness	OpenHarness before commit bd4df81 contains a permission bypass vulnerability that allows attackers to read sensitive files by exploiting incomplete path normalization in the permission checker. Attac…	CWE-863 Incorrect Authorization	CVE-2026-40515	2026-04-25 05:34	2026-04-18	Show	GitHub Exploit DB Packet Storm

998	6.3	MEDIUM Local	hkuds	openharness	OpenHarness before commit bd4df81 contains a server-side request forgery vulnerability in the web_fetch and web_search tools that allows attackers to access private and localhost HTTP services by man…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-40516	2026-04-25 05:32	2026-04-18	Show	GitHub Exploit DB Packet Storm

999	7.5	HIGH Network	firebirdsql	firebird	Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher se…	CWE-200 NVD-CWE-noinfo Information Exposure	CVE-2025-65104	2026-04-25 05:27	2026-04-18	Show	GitHub Exploit DB Packet Storm

1000	9.8	CRITICAL Network	samsung	magicinfo_9_server	Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.	CWE-22 CWE-434 Path Traversal Unrestricted Upload of File with Dangerous Type	CVE-2024-7399	2026-04-25 05:23	2024-08-12	Show	GitHub Exploit DB Packet Storm