Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229291	7.5	危険	LibVNC	-	LibVNCServer の auth.c における認証を回避される脆弱性	-	CVE-2006-2450	2012-12-20 18:02	2006-07-18	Show	GitHub Exploit DB Packet Storm

229292	5	警告	tamarack consulting	-	Tamarack MMSd におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-1178	2012-12-20 18:02	2006-07-28	Show	GitHub Exploit DB Packet Storm

229293	4	警告	merak IceWarp, Inc. deerfield	-	MERAK Mail Server および VisNetic MailServer における絶対パスディレクトリトラバーサルの脆弱性	-	CVE-2006-0818	2012-12-20 18:02	2006-07-21	Show	GitHub Exploit DB Packet Storm

229294	5	警告	merak IceWarp, Inc. deerfield	-	MERAK Mail Server および VisNetic MailServer における絶対パスディレクトリトラバーサルの脆弱性	-	CVE-2006-0817	2012-12-20 18:02	2006-07-21	Show	GitHub Exploit DB Packet Storm

229295	6.1	警告	Huawei	-	Huawei E585 デバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2012-5970	2012-12-20 15:58	2012-12-3	Show	GitHub Exploit DB Packet Storm

229296	4.8	警告	Huawei	-	Huawei E585 デバイスにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-5969	2012-12-20 15:55	2012-11-24	Show	GitHub Exploit DB Packet Storm

229297	4.8	警告	Huawei	-	Huawei E585 デバイスにおける重要なユーザ情報およびセッション ID を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2012-5968	2012-12-20 15:53	2012-11-24	Show	GitHub Exploit DB Packet Storm

229298	6.1	警告	Tropos Networks	-	Tropos wireless mesh router の Mesh OS におけるデバイスになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2012-4898	2012-12-20 15:50	2012-12-10	Show	GitHub Exploit DB Packet Storm

229299	1.9	注意	Invensys シーメンス	-	Invensys Wonderware InTouch および Siemens ProcessSuite におけるパスワードを発見される脆弱性	CWE-310 暗号の問題	CVE-2012-4693	2012-12-20 15:39	2012-12-11	Show	GitHub Exploit DB Packet Storm

229300	3.3	注意	シーメンス	-	Siemens Automation License Manager におけるサービス運用妨害 (メモリ消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-4691	2012-12-20 15:32	2012-12-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221	6.6	MEDIUM Network	-	-	OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface. New	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2026-42510	2026-04-28 16:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

222	8.6	HIGH Network	-	-	In Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate them to specific vector store query languages. In several cases, keys and values are no… New	CWE-94 Code Injection	CVE-2026-40967	2026-04-28 16:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

223	5.9	MEDIUM Network	-	-	In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registe… New	CWE-191 Integer Underflow (Wrap or Wraparound)	CVE-2026-40356	2026-04-28 16:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

224	7.3	HIGH Network	-	-	A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function get_cart_count of the file /admin/ajax.php?action=get_cart_count. This manipulation of the a… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7228	2026-04-28 15:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

225	7.3	HIGH Network	-	-	A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function Login of the file /admin/ajax.php?action=login. The manipulation of the argument e-mail results i… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7227	2026-04-28 15:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

226	7.3	HIGH Network	-	-	A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects the function login2 of the file /admin/ajax.php?action=login2. The manipulation of the ar… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7226	2026-04-28 15:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

227	7.3	HIGH Network	-	-	A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function delete_menu of the file /admin/ajax.php?action=delete_menu. Executing a manipula… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7225	2026-04-28 15:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

228	7.3	HIGH Network	-	-	A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function delete_cart of the file /admin/ajax.php?action=delete_cart. Performing a manipulation of … New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7224	2026-04-28 15:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

229	6.4	MEDIUM Network	-	-	The Social Post Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Threads embed handler in all versions up to, and including, 2.0.1. This is due to insufficient input sa… New	CWE-79 Cross-site Scripting	CVE-2026-6809	2026-04-28 15:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

230	6.4	MEDIUM Network	-	-	The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the `wpcsm_text_rotator` shortcode in all versions up to, and incl… New	CWE-79 Cross-site Scripting	CVE-2026-6725	2026-04-28 15:16	2026-04-28	Show	GitHub Exploit DB Packet Storm