Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1271	7.2	重要 Network	MariaDB Corporation Ab.	MariaDB	MariaDB Corporation Ab.のMariaDBにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-48165	2026-06-17 15:39	2026-06-12	Show	GitHub Exploit DB Packet Storm

1272	7.8	重要 Local	レッドハット X.Org Foundation	X.Org X Server Red Hat Enterprise Linux xwayland	レッドハット等の複数ベンダの製品における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-50264	2026-06-17 15:39	2026-06-5	Show	GitHub Exploit DB Packet Storm

1273	7.5	重要 Network	Express.js	Multer	Express.jsのMulterにおける不完全なクリーンアップに関する脆弱性	CWE-459 不完全なクリーンアップ	CVE-2026-5038	2026-06-17 15:39	2026-06-15	Show	GitHub Exploit DB Packet Storm

1274	7.5	重要 Network	Express.js	Multer	Express.jsのMulterにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-5079	2026-06-17 15:39	2026-06-15	Show	GitHub Exploit DB Packet Storm

1275	8.1	重要 Network	Zoom Video Communications, Inc.	Zoom Meeting SDK Zoom Workplace	Zoom Video Communications, Inc.のZoom Meeting SDK等の複数製品におけるカスタム URL スキームのハンドラの不適切な認可に関する脆弱性	CWE-939 カスタム URL スキームのハンドラの不適切な認可	CVE-2026-53408	2026-06-17 15:39	2026-06-12	Show	GitHub Exploit DB Packet Storm

1276	6.6	警告 Local	OpenClaw	OpenClaw	OpenClawにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-53820	2026-06-17 15:39	2026-06-12	Show	GitHub Exploit DB Packet Storm

1277	8.8	重要 Network	OpenClaw	OpenClaw	OpenClawにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-53821	2026-06-17 15:39	2026-06-12	Show	GitHub Exploit DB Packet Storm

1278	8.8	重要 Network	OpenClaw	OpenClaw	OpenClawにおける複数の脆弱性	CWE-367 CWE-77	CVE-2026-53822	2026-06-17 15:39	2026-06-12	Show	GitHub Exploit DB Packet Storm

1279	8.1	重要 Network	OpenClaw	OpenClaw	OpenClawにおけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-53823	2026-06-17 15:38	2026-06-12	Show	GitHub Exploit DB Packet Storm

1280	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるセッション期限に関する脆弱性	CWE-613 不適切なセッション期限	CVE-2026-53824	2026-06-17 15:38	2026-06-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
343771	-	tiki	tikiwiki_cms\/groupware	tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to obtain the installation path via an invalid topics_sort_mode parameter, possibly related to an SQL injection vuln…	CWE-200 Information Exposure	CVE-2005-3529	2018-10-20 00:36	2005-11-21	Show	GitHub Exploit DB Packet Storm

343772	-	ifax_solutions	hylafax	hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrary passwords, which allows remote attackers to gain privileges.	NVD-CWE-Other	CVE-2005-3538	2018-10-20 00:36	2005-12-31	Show	GitHub Exploit DB Packet Storm

343773	-	hylafax	hylafax	Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via (1) the notify script in HylaFAX 4.2.0 to 4.2.3 and (2) crafted CallID pa…	NVD-CWE-Other	CVE-2005-3539	2018-10-20 00:36	2005-12-31	Show	GitHub Exploit DB Packet Storm

343774	-	xpdf	xpdf	Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libe…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2005-3192	2018-10-20 00:35	2005-12-8	Show	GitHub Exploit DB Packet Storm

343775	-	xpdf	xpdf	Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KD…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2005-3193	2018-10-20 00:35	2005-12-7	Show	GitHub Exploit DB Packet Storm

343776	-	paros	paros	Paros 3.2.5 uses a default password for the "sa" account in the underlying HSQLDB database and does not restrict access to the local machine, which allows remote attackers to gain privileges.	NVD-CWE-Other	CVE-2005-3280	2018-10-20 00:35	2005-10-23	Show	GitHub Exploit DB Packet Storm

343777	-	libungif	libungif	libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write.	NVD-CWE-Other	CVE-2005-3350	2018-10-20 00:35	2005-11-4	Show	GitHub Exploit DB Packet Storm

343778	-	andries_brouwer	util-linux	umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, whi…	NVD-CWE-Other	CVE-2005-2876	2018-10-20 00:34	2005-09-14	Show	GitHub Exploit DB Packet Storm

343779	-	sgi	irix	runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin.	NVD-CWE-Other	CVE-2005-2925	2018-10-20 00:34	2005-10-12	Show	GitHub Exploit DB Packet Storm

343780	-	university_of_kansas	lynx	Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in t…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2005-2929	2018-10-20 00:34	2005-11-18	Show	GitHub Exploit DB Packet Storm