Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229431 4.9 警告 VMware
Linux		 - x86 プラットフォーム上の Linux Kernel におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2011-3209 2012-12-17 15:59 2008-07-13 Show GitHub Exploit DB Packet Storm
229432 7.8 危険 VMware
Linux		 - Linux Kernel の IPv4 と IPv6 の実装におけるサービス運用妨害 (ネットワーク障害) の脆弱性 CWE-DesignError
CVE-2011-3188 2012-12-17 15:57 2012-05-24 Show GitHub Exploit DB Packet Storm
229433 4.3 警告 VideoLAN - VideoLAN VLC media player の libpng_plugin におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-119
バッファエラー 		CVE-2012-5470 2012-12-17 13:47 2012-10-26 Show GitHub Exploit DB Packet Storm
229434 2.1 注意 シトリックス・システムズ - Xen におけるサービス運用妨害 (無限ループ および ハングアップまたはクラッシュ) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-4539 2012-12-17 13:43 2012-11-13 Show GitHub Exploit DB Packet Storm
229435 4.9 警告 シトリックス・システムズ - Xen の HVMOP_pagetable_dying ハイパーコールにおけるサービス運用妨害 (ハイパーバイザクラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4538 2012-12-17 13:41 2012-11-13 Show GitHub Exploit DB Packet Storm
229436 2.1 注意 シトリックス・システムズ - Xen におけるサービス運用妨害 (メモリ消費および表明違反) の脆弱性 CWE-16
環境設定 		CVE-2012-4537 2012-12-17 12:30 2012-11-13 Show GitHub Exploit DB Packet Storm
229437 1.9 注意 シトリックス・システムズ - Xen におけるサービス運用妨害 (Xen の無限ループおよび物理 CPU の消費) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-4535 2012-12-17 12:28 2012-11-13 Show GitHub Exploit DB Packet Storm
229438 4.3 警告 Wikka Development Team - WikkaWiki におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2012-12-17 12:15 2012-12-17 Show GitHub Exploit DB Packet Storm
229439 4.3 警告 Netsweeper, Inc. - Netsweeper の WebAdmin Portal におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2446 2012-12-17 11:02 2012-07-9 Show GitHub Exploit DB Packet Storm
229440 10 危険 Netsweeper, Inc. - Netsweeper の WebAdmin Portal における脆弱性 CWE-noinfo
情報不足 		CVE-2012-3859 2012-12-17 10:56 2012-07-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 28, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
11 - - - Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, toFormData recursively walks nested objects with no depth limit, so a deeply nested value passed as reque… Update CWE-674
 Uncontrolled Recursion 		CVE-2026-42039 2026-04-28 03:57 2026-04-25 Show GitHub Exploit DB Packet Storm
12 3.7 LOW
Network 		- - Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode() function in lib/helpers/AxiosURLSearchParams.js contains a character mapping (charMap) at li… Update CWE-116
CWE-626
 Improper Encoding or Escaping of Output 		CVE-2026-42040 2026-04-28 03:57 2026-04-25 Show GitHub Exploit DB Packet Storm
13 5.4 MEDIUM
Network 		- - Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library's XSRF token protection logic uses JavaScript truthy/falsy semantics instead of strict … Update CWE-183
CWE-201
 Permissive List of Allowed Inputs
 Insertion of Sensitive Information Into Sent Data 		CVE-2026-42042 2026-04-28 03:57 2026-04-25 Show GitHub Exploit DB Packet Storm
14 7.2 HIGH
Network 		- - Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, an attacker who can influence the target URL of an Axios request can use any address in the 127.0.0.0/8 r… Update CWE-183
CWE-441
CWE-918
 Permissive List of Allowed Inputs
Confused Deputy
Server-Side Request Forgery (SSRF)  		CVE-2026-42043 2026-04-28 03:57 2026-04-25 Show GitHub Exploit DB Packet Storm
15 7.5 HIGH
Network 		- - Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, a crafted payload as small as 4-5 bytes can force memory allocations of up t… New CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2026-33524 2026-04-28 03:57 2026-04-25 Show GitHub Exploit DB Packet Storm
16 7.5 HIGH
Network 		- - Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, in BitStreamReader.h readBytes() / readString(), the setBitPosition() bounds… New CWE-190
 Integer Overflow or Wraparound 		CVE-2026-33666 2026-04-28 03:57 2026-04-25 Show GitHub Exploit DB Packet Storm
17 - - - Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFil… New CWE-61
 UNIX Symbolic Link (Symlink) Following 		CVE-2026-41326 2026-04-28 03:57 2026-04-25 Show GitHub Exploit DB Packet Storm
18 7.4 HIGH
Network 		- - Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with … New CWE-94
Code Injection 		CVE-2026-41414 2026-04-28 03:57 2026-04-25 Show GitHub Exploit DB Packet Storm
19 - - - PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed Content-ID URI in SIP multipart message bod… New CWE-125
Out-of-bounds Read 		CVE-2026-41415 2026-04-28 03:57 2026-04-25 Show GitHub Exploit DB Packet Storm
20 - - - PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an integer overflow in media stream buffer size calculation when processing SDP with asymm… New CWE-190
 Integer Overflow or Wraparound 		CVE-2026-41416 2026-04-28 03:57 2026-04-25 Show GitHub Exploit DB Packet Storm