Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228791	7.5	危険	sven moderow	-	Sven Moderow GuestBook におけるパスワードを含むデータベースをダウンロードされる脆弱性	-	CVE-2007-0094	2012-12-20 18:19	2007-01-5	Show	GitHub Exploit DB Packet Storm

228792	7.5	危険	uniforum	-	uniForum の wbsearch.aspx における SQL インジェクションの脆弱性	-	CVE-2007-0226	2012-12-20 18:19	2007-01-12	Show	GitHub Exploit DB Packet Storm

228793	6.8	警告	virtual programming	-	VP-ASP Shopping Cart の shopcustadmin.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0225	2012-12-20 18:19	2007-01-12	Show	GitHub Exploit DB Packet Storm

228794	7.5	危険	virtual programming	-	VP-ASP Shopping Cart の shopgiftregsearch.asp における SQL インジェクションの脆弱性	-	CVE-2007-0224	2012-12-20 18:19	2007-01-12	Show	GitHub Exploit DB Packet Storm

228795	6.8	警告	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0204	2012-12-20 18:19	2007-01-11	Show	GitHub Exploit DB Packet Storm

228796	10	危険	The phpMyAdmin Project	-	phpMyAdmin における脆弱性	-	CVE-2007-0203	2012-12-20 18:19	2007-01-11	Show	GitHub Exploit DB Packet Storm

228797	10	危険	tis	-	TIS Internet FWTK の ftp-gw におけるバッファオーバーフローの脆弱性	-	CVE-2007-0201	2012-12-20 18:19	2007-01-11	Show	GitHub Exploit DB Packet Storm

228798	6.8	警告	サン・マイクロシステムズ	-	iPlanet Web Server の /search におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0183	2012-12-20 18:19	2007-01-12	Show	GitHub Exploit DB Packet Storm

228799	7.5	危険	scriptaty	-	magic photo storage の Web サイトにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0182	2012-12-20 18:19	2007-01-12	Show	GitHub Exploit DB Packet Storm

228800	7.5	危険	scriptaty	-	magic photo storage の Web サイトにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0181	2012-12-20 18:19	2007-01-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
951	6.1	MEDIUM Network	freerdp	freerdp	FreeRDP is a free implementation of the Remote Desktop Protocol. Versions prior to 3.25.0 have an off-by-one in the path traversal filter in `channels/drive/client/drive_file.c`. The `contains_dotdot… Update	CWE-193 Off-by-one Error	CVE-2026-40254	2026-04-28 02:44	2026-04-24	Show	GitHub Exploit DB Packet Storm

952	5.5	MEDIUM Local	angryip	angry_ip_scanner	Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers ca… Update	CWE-787 Out-of-bounds Write	CVE-2018-25262	2026-04-28 02:30	2026-04-23	Show	GitHub Exploit DB Packet Storm

953	7.8	HIGH Local	lizardsystems	lanspy	LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attac… Update	CWE-787 Out-of-bounds Write	CVE-2018-25265	2026-04-28 02:28	2026-04-23	Show	GitHub Exploit DB Packet Storm

954	5.5	MEDIUM Local	angryip	angry_ip_scanner	Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can … Update	CWE-787 Out-of-bounds Write	CVE-2018-25266	2026-04-28 02:28	2026-04-23	Show	GitHub Exploit DB Packet Storm

955	7.8	HIGH Local	lizardsystems	lanspy	LanSpy 2.0.1.159 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying oversized input to the scan field. Attackers can craft a payloa… Update	CWE-787 Out-of-bounds Write	CVE-2018-25268	2026-04-28 02:25	2026-04-23	Show	GitHub Exploit DB Packet Storm

956	9.8	CRITICAL Network	thinkphp	thinkphp	ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by invoking functions through the routing parameter. Attackers can c… Update	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2018-25270	2026-04-28 02:20	2026-04-23	Show	GitHub Exploit DB Packet Storm

957	5.5	MEDIUM Local	helios	textpad	Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attacke… Update	CWE-787 Out-of-bounds Write	CVE-2018-25271	2026-04-28 02:13	2026-04-23	Show	GitHub Exploit DB Packet Storm

958	9.8	CRITICAL Network	dell	powerprotect_dp_series_appliance data_domain_operating_system	Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0… Update	CWE-121 CWE-787 Stack-based Buffer Overflow Out-of-bounds Write	CVE-2026-26354	2026-04-28 02:09	2026-04-23	Show	GitHub Exploit DB Packet Storm

959	6.2	MEDIUM Local	apple	ipados iphone_os	A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2. Notifications marked for deletion could be unexpectedly … Update	CWE-359 Exposure of Private Personal Information to an Unauthorized Actor	CVE-2026-28950	2026-04-28 02:07	2026-04-23	Show	GitHub Exploit DB Packet Storm

960	9.1	CRITICAL Network	espocrm	espocrm	EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, EspoCRM's built-in formula scripting engine allowing updating attachment's sourceId thus allowing an au… Update	CWE-22 Path Traversal	CVE-2026-33656	2026-04-28 02:04	2026-04-23	Show	GitHub Exploit DB Packet Storm