Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1831	8.8	重要 Network	マイクロソフト	Azure Privileged Identity Management (PIM)	Azure Privileged Identity Management (PIM) Elevation of Privilege Vulnerability	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-35430	2026-05-29 11:20	2026-05-22	Show	GitHub Exploit DB Packet Storm

1832	8.8	重要 Network	マイクロソフト	Azure Virtual Network Gateway	Azure Virtual Network Gateway Remote Code Execution Vulnerability	CWE-20 CWE-noinfo	CVE-2026-40411	2026-05-29 11:20	2026-05-22	Show	GitHub Exploit DB Packet Storm

1833	9.8	緊急 Network	マイクロソフト	Azure Orbital Spatio	Azure Orbital Spatio のリモートでコードが実行される脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-40412	2026-05-29 11:20	2026-05-22	Show	GitHub Exploit DB Packet Storm

1834	9.8	緊急 Network	midoks	mdserver-web	midoksのmdserver-webにおける複数の脆弱性	CWE-78 CWE-862	CVE-2026-41315	2026-05-29 11:20	2026-05-14	Show	GitHub Exploit DB Packet Storm

1835	7.5	重要 Network	opentelemetry	OpenTelemetry.OpAmp.Client	opentelemetryのOpenTelemetry.OpAmp.Clientにおける過剰なサイズ値のメモリ割り当てに関する脆弱性	CWE-789 過剰なサイズ値のメモリ割り当て	CVE-2026-42348	2026-05-29 11:20	2026-05-12	Show	GitHub Exploit DB Packet Storm

1836	9.1	緊急 Network	Archive::Tar project	Archive::Tar	Archive::Tar projectのArchive::Tarにおけるリンク解釈に関する脆弱性	CWE-59 リンク解釈の問題	CVE-2026-42496 CVE-2026-42497	2026-05-29 11:20	2026-05-26	Show	GitHub Exploit DB Packet Storm

1837	7.5	重要 Network	Archive::Tar project	Archive::Tar	Archive::Tar projectのArchive::Tarにおける複数の脆弱性	CWE-59 CWE-732	CVE-2026-42496 CVE-2026-42497	2026-05-29 11:20	2026-05-26	Show	GitHub Exploit DB Packet Storm

1838	6.5	警告 Network	Hatchet	Hatchet	Hatchetにおける複数の脆弱性	CWE-639 CWE-863	CVE-2026-42572	2026-05-29 11:19	2026-05-14	Show	GitHub Exploit DB Packet Storm

1839	9.8	緊急 Network	Workiva	Arelle	WorkivaのArelleにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-42796	2026-05-29 11:19	2026-05-4	Show	GitHub Exploit DB Packet Storm

1840	8.8	重要 Network	Grav CMS	Grav-plugin-api	Grav CMSのGrav-plugin-apiにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-42843	2026-05-29 11:19	2026-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
354891	-	-	-	Multiple cross-site scripting (XSS) vulnerabilities in templates/notepads/notepads.inc in Horde Mnemo Note Manager H3 before 2.0.3 allow remote authenticated users to inject arbitrary web script or H…	NVD-CWE-Other	CVE-2005-4192	2011-03-8 11:27	2005-12-13	Show	GitHub Exploit DB Packet Storm

354892	-	innovateware	sights_n_sounds_streaming_media_server	Buffer overflow in MediaServerList.exe in Sights 'n Sounds Streaming Media Server 2.0.3.a allows remote attackers to cause a denial of service (application crash) via a long query string.	NVD-CWE-Other	CVE-2005-4194	2011-03-8 11:27	2005-12-13	Show	GitHub Exploit DB Packet Storm

354893	-	php_web_scripts	link_up_gold	Cross-site scripting (XSS) vulnerability in Link Up Gold 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) link parameter to tell_friend.php, (2) phrase[] paramet…	NVD-CWE-Other	CVE-2005-4231	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

354894	-	powerdev	encapsgallery	SQL injection vulnerability in gallery.php in EncapsGallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.	NVD-CWE-Other	CVE-2005-4234	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

354895	-	whmcompletesolution	whmcompletesolution	Cross-site scripting (XSS) vulnerability in knowledgebase.php in WHMCompleteSolution 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameters.	NVD-CWE-Other	CVE-2005-4235	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

354896	-	cartkeeper	ckgold_shopping_cart	Cross-site scripting (XSS) vulnerability in search.php in CKGOLD allows remote attackers to inject arbitrary web script or HTML via the search parameters.	NVD-CWE-Other	CVE-2005-4236	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

354897	-	servers-r-us	mysqlauction	Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword…	NVD-CWE-Other	CVE-2005-4237	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

354898	-	mantis	mantis	Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and earlier allows remote attackers to inject arbitrary web script or HTML via the target_field parameter.	NVD-CWE-Other	CVE-2005-4238	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

354899	-	php_jackknife	php_jackknife	Cross-site scripting (XSS) vulnerability in Search/DisplayResults.php in PHP JackKnife 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via URL-encoded values in the sK…	NVD-CWE-Other	CVE-2005-4239	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm

354900	-	vcd-db	vcd-db	Cross-site scripting (XSS) vulnerability in the category page in VCD-db 0.98 and earlier allows remote attackers to inject arbitrary web script or HTML via the batch parameter.	NVD-CWE-Other	CVE-2005-4241	2011-03-8 11:27	2005-12-14	Show	GitHub Exploit DB Packet Storm