Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228731 6.8 警告 ヤフー株式会社 - Yahoo! Toolbar の yt.ythelper.2 ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6228 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
228732 7.2 危険 Fabrice Bellard - QEMU における TranslationBlock バッファを上書きされる脆弱性 CWE-119
バッファエラー 		CVE-2007-6227 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
228733 5 警告 リアルネットワークス - RealPlayer に同梱されている rmoc3260.dll におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-6224 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
228734 7.5 危険 phpBB - phpBB Garage の garage.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6223 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
228735 7.8 危険 tumusika evolution - TuMusika Evolution における設定ファイルを取得される脆弱性 CWE-200
情報漏えい 		CVE-2007-6221 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
228736 5 警告 typespeed - typespeed におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2007-6220 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
228737 5 警告 web-meetme - Web-MeetMe の play.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6215 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
228738 5 警告 webed - WebED の mod/chat/index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6213 2012-12-20 18:34 2007-12-4 Show GitHub Exploit DB Packet Storm
228739 7.2 危険 sing - Debian GNU/Linux 上で稼動している sing における任意のファイルを追加される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-6211 2012-12-20 18:34 2007-12-3 Show GitHub Exploit DB Packet Storm
228740 2.1 注意 Zabbix - ZABBIX の zabbix_agentd における権限を取得される脆弱性 CWE-16
環境設定 		CVE-2007-6210 2012-12-20 18:34 2007-11-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2371 7.3 HIGH
Network 		- - A vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web (MotW) protections. When an archive is downloaded from the internet and e… CWE-290
 Authentication Bypass by Spoofing 		CVE-2025-50328 2026-05-1 00:48 2026-04-30 Show GitHub Exploit DB Packet Storm
2372 4.0 MEDIUM
Local 		- - Little CMS (lcms2) 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c. CWE-190
 Integer Overflow or Wraparound 		CVE-2026-42798 2026-05-1 00:48 2026-04-30 Show GitHub Exploit DB Packet Storm
2373 4.4 MEDIUM
Local 		- - AgentFlow's local web API accepts non-JSON content types on POST /api/runs and POST /api/runs/validate endpoints without enforcing application/json validation, allowing attackers to bypass trust-boun… CWE-346
 Origin Validation Error 		CVE-2026-7439 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm
2374 8.8 HIGH
Network 		- - AgentFlow contains an arbitrary code execution vulnerability that allows attackers to execute local Python pipeline files by supplying a user-controlled pipeline_path parameter to the POST /api/runs … CWE-94
Code Injection 		CVE-2026-7466 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm
2375 8.2 HIGH
Network 		- - XATABoost CMS 1.0.0 contains a union-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the id parameter. Attackers c… CWE-89
SQL Injection 		CVE-2018-25300 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm
2376 8.4 HIGH
Local 		- - Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious userna… CWE-120
Classic Buffer Overflow 		CVE-2018-25301 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm
2377 8.4 HIGH
Local 		- - Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploita… CWE-120
Classic Buffer Overflow 		CVE-2018-25304 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm
2378 8.4 HIGH
Local 		- - SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key… CWE-120
Classic Buffer Overflow 		CVE-2018-25307 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm
2379 8.8 HIGH
Network 		- - BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped POST parameters. Attack… CWE-22
Path Traversal 		CVE-2018-25308 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm
2380 6.2 MEDIUM
Local 		- - SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can in… CWE-120
Classic Buffer Overflow 		CVE-2018-25313 2026-05-1 00:44 2026-04-30 Show GitHub Exploit DB Packet Storm