Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 2, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228031	6.6	警告	トレンドマイクロ	-	Trend Micro PC-Cillin Internet Security 2007 などで使用されている Trend Micro AntiVirus スキャンエンジンにおけるバッファオーバーフローの脆弱性	CWE-119 CWE-264	CVE-2007-4277	2012-12-20 18:33	2007-10-30	Show	GitHub Exploit DB Packet Storm

228032	4.3	警告	visionera ab	-	VisionProject におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4265	2012-12-20 18:33	2007-08-9	Show	GitHub Exploit DB Packet Storm

228033	7.5	危険	prozilla	-	Prozilla Pub Site Directory の directory.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-4258	2012-12-20 18:33	2007-08-8	Show	GitHub Exploit DB Packet Storm

228034	5	警告	ynp	-	YNP Portal System の showpage.cgi におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-4256	2012-12-20 18:33	2007-08-8	Show	GitHub Exploit DB Packet Storm

228035	4.3	警告	toolbar gaming	-	Internet Explorer 用の Toolbar Gaming ツールバーにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-4248	2012-12-20 18:33	2007-08-8	Show	GitHub Exploit DB Packet Storm

228036	9.3	危険	vietphp	-	VietPHP における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-4235	2012-12-20 18:33	2007-08-8	Show	GitHub Exploit DB Packet Storm

228037	4.3	警告	PHPNUKE	-	PHP-Nuke の Search モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-4212	2012-12-20 18:33	2007-08-7	Show	GitHub Exploit DB Packet Storm

228038	7.5	危険	redline software	-	la-nai CMS の module.php における SQL インジェクションの脆弱性	-	CVE-2007-4210	2012-12-20 18:33	2007-08-7	Show	GitHub Exploit DB Packet Storm

228039	4.3	警告	The Sleuth Kit	-	Brian Carrier TSK の ext2fs.c におけるサービス運用妨害 (DoS) 脆弱性	-	CVE-2007-4195	2012-12-20 18:33	2007-08-7	Show	GitHub Exploit DB Packet Storm

228040	5	警告	TIBCO Software	-	TIBCO RV クライアントのデフォルト設定におけるメッセージの内容をキャプチャされる脆弱性	-	CVE-2007-4160	2012-12-20 18:33	2007-08-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1611	6.6	MEDIUM Local	saurabh-kumar	python-dotenv	python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, `set_key()` and `unset_key()` in python-dotenv follow symbolic links when rewri…	CWE-59 CWE-61 Link Following UNIX Symbolic Link (Symlink) Following	CVE-2026-28684	2026-04-27 22:44	2026-04-21	Show	GitHub Exploit DB Packet Storm

1612	8.1	HIGH Network	apache	dolphinscheduler	Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with system login permissions to use tenants that are not defined on the platform during workflow execution…	CWE-863 Incorrect Authorization	CVE-2026-23902	2026-04-27 22:42	2026-04-24	Show	GitHub Exploit DB Packet Storm

1613	6.1	MEDIUM Network	astro	astro	Astro is a web framework. Prior to 6.1.6, the defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex /<\/script>/g to sanitize values injected into inline <sc…	CWE-79 Cross-site Scripting	CVE-2026-41067	2026-04-27 22:41	2026-04-25	Show	GitHub Exploit DB Packet Storm

1614	5.4	MEDIUM Adjacent	openprinting	cups	OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP bac…	CWE-125 CWE-200 Out-of-bounds Read Information Exposure	CVE-2026-41079	2026-04-27 22:40	2026-04-25	Show	GitHub Exploit DB Packet Storm

1615	6.6	MEDIUM Local	vim	vim	Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file …	CWE-78 OS Command	CVE-2026-41411	2026-04-27 22:39	2026-04-25	Show	GitHub Exploit DB Packet Storm

1616	9.8	CRITICAL Network	oracle	advanced_inbound_telephony	Vulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite (component: Setup and Administration). Supported versions that are affected are 12.2.3-12.2.15. Easily explo…	CWE-306 Missing Authentication for Critical Function	CVE-2026-34275	2026-04-27 22:09	2026-04-22	Show	GitHub Exploit DB Packet Storm

1617	6.5	MEDIUM Network	oracle	peoplesoft_enterprise_fin_contracts	Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft (component: Contracts). The supported version that is affected is 9.2. Easily exploitable vulnerability allows …	CWE-200 Information Exposure	CVE-2026-34300	2026-04-27 22:08	2026-04-22	Show	GitHub Exploit DB Packet Storm

1618	2.4	LOW Network	oracle	database_server	Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.30. Easily exploitable vulnerability allows high privileged attacker having Row Acces…	CWE-284 Improper Access Control	CVE-2026-34312	2026-04-27 22:04	2026-04-22	Show	GitHub Exploit DB Packet Storm

1619	5.4	MEDIUM Network	oracle	fusion_middleware	Vulnerability in Oracle Fusion Middleware (component: Dynamic Monitoring Service). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low pr…	CWE-284 Improper Access Control	CVE-2026-35232	2026-04-27 22:03	2026-04-22	Show	GitHub Exploit DB Packet Storm

1620	6.4	MEDIUM Network	oracle	fusion_middleware	Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware (component: C Oracle SSL API). Supported versions that are affected are 12.2.1.4.0 and 12.1.3.0.0. Difficult to expl…	CWE-284 Improper Access Control	CVE-2026-35252	2026-04-27 22:02	2026-04-22	Show	GitHub Exploit DB Packet Storm