Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251571	6.9	警告	Google	-	Android における Manifest.permission.CAMER および Manifest.permission.AUDIO_RECORD の設定を回避される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2348	2011-02-23 15:19	2009-05-26	Show	GitHub Exploit DB Packet Storm

251572	7.5	危険	Google	-	Android の PackageManagerService クラスにおけるアプリケーションのデータにアクセスされる脆弱性	CWE-287 不適切な認証	CVE-2009-1754	2011-02-23 15:17	2009-05-26	Show	GitHub Exploit DB Packet Storm

251573	5	警告	シスコシステムズ	-	Cisco Adaptive Security Appliances デバイス上で稼働する emWEB におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4677	2011-02-23 15:14	2011-01-7	Show	GitHub Exploit DB Packet Storm

251574	6.8	警告	シスコシステムズ	-	Cisco Adaptive Security Appliances デバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4676	2011-02-23 15:11	2011-01-7	Show	GitHub Exploit DB Packet Storm

251575	9	危険	シスコシステムズ	-	Cisco Adaptive Security Appliances デバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-4675	2011-02-23 15:09	2011-01-7	Show	GitHub Exploit DB Packet Storm

251576	7.8	危険	シスコシステムズ	-	Cisco Adaptive Security Appliances デバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4673	2011-02-23 15:05	2011-01-7	Show	GitHub Exploit DB Packet Storm

251577	7.8	危険	シスコシステムズ	-	Cisco Adaptive Security Appliances デバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4672	2011-02-23 14:59	2011-01-7	Show	GitHub Exploit DB Packet Storm

251578	5	警告	シスコシステムズ	-	Cisco Adaptive Security Appliances デバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-5037	2011-02-23 14:56	2011-01-7	Show	GitHub Exploit DB Packet Storm

251579	7.8	危険	シスコシステムズ	-	Cisco Adaptive Security Appliances デバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-4692	2011-02-23 14:54	2011-01-7	Show	GitHub Exploit DB Packet Storm

251580	7.8	危険	シスコシステムズ	-	Cisco Adaptive Security Appliances デバイスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-4691	2011-02-23 14:50	2011-01-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1361	4.3	MEDIUM Network	ayacoo	redirect_tab	La extensión falla al verificar si un usuario autenticado tiene permisos para acceder a las redirecciones, resultando en la exposición de registros de redirección al editar una página.	CWE-200 CWE-862 Information Exposure Missing Authorization	CVE-2026-4202	2026-04-26 03:40	2026-03-17	Show	GitHub Exploit DB Packet Storm

1362	8.8	HIGH Network	cps-it	mailqueue	The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active explo…	CWE-502 Deserialization of Untrusted Data	CVE-2026-1323	2026-04-26 03:37	2026-03-17	Show	GitHub Exploit DB Packet Storm

1363	8.8	HIGH Network	cps-it	mailqueue	La extensión no define correctamente las clases permitidas utilizadas al deserializar metadatos de fallo de transporte. Un atacante puede explotar esto para ejecutar código serializado no confiable. …	CWE-502 Deserialization of Untrusted Data	CVE-2026-1323	2026-04-26 03:37	2026-03-17	Show	GitHub Exploit DB Packet Storm

1364	9.4	CRITICAL Network	dgraph	dgraph	Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where the /debug/pprof/cmdline endpoint is registered o…	CWE-200 CWE-215 CWE-522 Information Exposure Insertion of Sensitive Information Into Debugging Code Insufficiently Protected Credentials	CVE-2026-40173	2026-04-26 03:27	2026-04-16	Show	GitHub Exploit DB Packet Storm

1365	7.8	HIGH Local	getcomposer	composer	Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::generateP4Command() method, which constructs she…	CWE-20 CWE-78 Improper Input Validation OS Command	CVE-2026-40176	2026-04-26 03:24	2026-04-16	Show	GitHub Exploit DB Packet Storm

1366	6.1	MEDIUM Network	apostrophecms	apostrophecms sanitize-html	ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasse…	CWE-79 Cross-site Scripting	CVE-2026-40186	2026-04-26 03:15	2026-04-16	Show	GitHub Exploit DB Packet Storm

1367	8.8	HIGH Network	getcomposer	composer	Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::syncCodeBase() method, which appends the $source…	CWE-20 CWE-78 Improper Input Validation OS Command	CVE-2026-40261	2026-04-26 03:12	2026-04-16	Show	GitHub Exploit DB Packet Storm

1368	8.1	HIGH Network	hashicorp	vault	An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulne…	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-3605	2026-04-26 03:08	2026-04-17	Show	GitHub Exploit DB Packet Storm

1369	9.8	CRITICAL Network	hcltech	aion	HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise.	CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax	CVE-2025-52660	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm

1370	9.8	CRITICAL Network	hcltech	aion	HCL AION está afectado por una vulnerabilidad de carga de archivos sin restricciones. Esto puede permitir cargas de archivos maliciosos, lo que podría resultar en ejecución de código no autorizada o …	CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax	CVE-2025-52660	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm