Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229581	2.1	注意	PHPNUKE	-	PHP-Nuke 用の AutoHTML モジュールの autohtml.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4190	2012-12-20 18:02	2006-08-16	Show	GitHub Exploit DB Packet Storm

229582	4.9	警告	smartline	-	SmartLine DeviceLock における NTFS コントロールを回避される脆弱性	-	CVE-2006-4184	2012-12-20 18:02	2006-08-16	Show	GitHub Exploit DB Packet Storm

229583	7.5	危険	TinyWebGallery	-	TinyWebGallery における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4166	2012-12-20 18:02	2006-08-16	Show	GitHub Exploit DB Packet Storm

229584	7.5	危険	phpprintanalyzer	-	phpPrintAnalyzer の inc/header.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4164	2012-12-20 18:02	2006-08-16	Show	GitHub Exploit DB Packet Storm

229585	5	警告	xennobb	-	XennoBB の profile.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4161	2012-12-20 18:02	2006-08-16	Show	GitHub Exploit DB Packet Storm

229586	7.8	危険	サン・マイクロシステムズ	-	Sun Java System Directory Server および ONE Directory Server の LDAP server におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4175	2012-12-20 18:02	2007-03-23	Show	GitHub Exploit DB Packet Storm

229587	5.5	警告	SquirrelMail Project	-	Squirrelmail 用の GPG Plugin におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-4169	2012-12-20 18:02	2007-07-15	Show	GitHub Exploit DB Packet Storm

229588	7.5	危険	tutti nova	-	Tutti Nova における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4277	2012-12-20 18:02	2006-08-21	Show	GitHub Exploit DB Packet Storm

229589	7.5	危険	tutti nova	-	Tutti Nova における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4276	2012-12-20 18:02	2006-08-21	Show	GitHub Exploit DB Packet Storm

229590	3.6	注意	シマンテック	-	Symantec Norton Personal Firewall におけるトロイの木馬ライプラリを追加される脆弱性	-	CVE-2006-4266	2012-12-20 18:02	2006-08-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
371	5.5	MEDIUM Local	foxit	pdf_editor pdf_reader	A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution. Update	CWE-416 Use After Free	CVE-2026-5939	2026-04-30 02:28	2026-04-27	Show	GitHub Exploit DB Packet Storm

372	5.5	MEDIUM Local	foxit	pdf_editor pdf_reader	Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes. Update	CWE-416 Use After Free	CVE-2026-5940	2026-04-30 02:26	2026-04-27	Show	GitHub Exploit DB Packet Storm

373	7.1	HIGH Local	foxit	pdf_editor pdf_reader	Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during inte… Update	CWE-20 NVD-CWE-noinfo Improper Input Validation	CVE-2026-5941	2026-04-30 02:24	2026-04-27	Show	GitHub Exploit DB Packet Storm

374	5.5	MEDIUM Local	foxit	pdf_editor pdf_reader	Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program. Update	CWE-416 Use After Free	CVE-2026-5942	2026-04-30 02:18	2026-04-27	Show	GitHub Exploit DB Packet Storm

375	7.8	HIGH Local	foxit	pdf_editor pdf_reader	Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not pro… Update	CWE-416 Use After Free	CVE-2026-5943	2026-04-30 02:18	2026-04-27	Show	GitHub Exploit DB Packet Storm

376	4.7	MEDIUM Network	-	-	A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function save_menu of the file /admin/admin_class_novo.php of the component File Extension Handler. Performin… New	CWE-284 CWE-434 Improper Access Control Unrestricted Upload of File with Dangerous Type	CVE-2026-7393	2026-04-30 02:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

377	6.3	MEDIUM Network	-	-	A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function delete_supplier of the file /ajax.php?action=delete_supplier. Such manipulation of … New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7392	2026-04-30 02:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

378	6.3	MEDIUM Network	-	-	A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function save_supplier of the file /ajax.php?action=save_supplier. This manipulation of the argument … New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7391	2026-04-30 02:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

379	6.1	MEDIUM Local	artifex	mupdf	A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Index Handler. This manipulatio… New	CWE-119 CWE-125 Incorrect Access of Indexable Resource ('Range Error') Out-of-bounds Read	CVE-2026-7233	2026-04-30 02:15	2026-04-28	Show	GitHub Exploit DB Packet Storm

380	5.3	MEDIUM Local	openclaw	openclaw	OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GIT_TEMPLATE_DIR and AWS_CONFIG_FILE are not blocked in the host-env blocklist. Attackers can exploit appro… Update	CWE-184 Incomplete Blacklist	CVE-2026-41332	2026-04-30 02:10	2026-04-24	Show	GitHub Exploit DB Packet Storm