Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207941	4.3	警告	Stuart Caie	-	libmspack の chmd.c の chmd_init_decomp 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2015-4467	2015-06-12 17:44	2015-01-26	Show	GitHub Exploit DB Packet Storm

207942	4.3	警告	Stuart Caie	-	libmspack の cabd.c の cabd_extract 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2014-9732	2015-06-12 17:44	2014-12-21	Show	GitHub Exploit DB Packet Storm

207943	5	警告	Magnifica Webscripts	-	Magnifica Webscripts Anima Gallery の func.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2015-4415	2015-06-12 15:36	2015-06-7	Show	GitHub Exploit DB Packet Storm

207944	4.3	警告	Dolibarr ERP & CRM	-	Dolibarr ERP/CRM におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-3935	2015-06-12 15:23	2015-05-21	Show	GitHub Exploit DB Packet Storm

207945	7.6	危険	マイクロソフト	-	Microsoft Windows の LoadLibrary 関数における入力を適切に検証しない脆弱性	CWE-20 不適切な入力確認	CVE-2015-1758	2015-06-12 12:10	2015-06-12	Show	GitHub Exploit DB Packet Storm

207946	6.8	警告	Encrypted Contact Form project	-	WordPress 用 Encrypted Contact Form プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2015-4010	2015-06-12 11:42	2015-04-1	Show	GitHub Exploit DB Packet Storm

207947	7.5	危険	Users Ultra Pro	-	WordPress 用 Users Ultra プラグインの ratings モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2015-4109	2015-06-12 11:42	2015-06-4	Show	GitHub Exploit DB Packet Storm

207948	7.5	危険	Montala Limited	-	Montala Limited ResourceSpace の pages/setup.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2015-3648	2015-06-12 11:40	2015-05-6	Show	GitHub Exploit DB Packet Storm

207949	6.6	警告	Zarafa	-	Zarafa Collaboration Platform の provider/server/ECServer.cpp における任意のファイルに書き込まれる脆弱性	CWE-59 リンク解釈の問題	CVE-2015-3436	2015-06-12 11:38	2015-04-15	Show	GitHub Exploit DB Packet Storm

207950	3.5	注意	Episerver	-	Ektron Content Management System の Test/WorkArea/workarea.aspx におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-4427	2015-06-12 10:08	2015-05-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
261	5.5	MEDIUM Local	opencascade	open_cascade_technology	An out-of-bounds read vulnerability in VrmlData_IndexedLineSet::TShape in the VRML parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML… New	CWE-125 Out-of-bounds Read	CVE-2026-42479	2026-05-2 02:48	2026-05-2	Show	GitHub Exploit DB Packet Storm

262	6.5	MEDIUM Adjacent	frrouting	frrouting	FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16_t accumulator variable truncates uint32_t … New	CWE-125 CWE-190 Out-of-bounds Read Integer Overflow or Wraparound	CVE-2026-28532	2026-05-2 02:48	2026-05-1	Show	GitHub Exploit DB Packet Storm

263	7.5	HIGH Network	opencascade	open_cascade_technology	An issue was discovered in VrmlData_IndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML file. … New	CWE-476 NULL Pointer Dereference	CVE-2026-42478	2026-05-2 02:48	2026-05-2	Show	GitHub Exploit DB Packet Storm

264	7.1	HIGH Local	opencascade	open_cascade_technology	A heap-based out-of-bounds read vulnerability in RWObj_Reader::read in the OBJ file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows user-assisted attackers to cause a denial of service or … New	CWE-125 Out-of-bounds Read	CVE-2026-42477	2026-05-2 02:48	2026-05-2	Show	GitHub Exploit DB Packet Storm

265	7.1	HIGH Local	opencascade	open_cascade_technology	Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 exist in RWStl_Reader::ReadAscii because buffers returned by Standard_ReadL… New	CWE-125 Out-of-bounds Read	CVE-2026-42476	2026-05-2 02:47	2026-05-2	Show	GitHub Exploit DB Packet Storm

266	9.8	CRITICAL Network	hashcat	hashcat	A heap-based buffer overflow in hex_to_binary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash fi… New	CWE-787 Out-of-bounds Write	CVE-2026-42484	2026-05-2 02:45	2026-05-1	Show	GitHub Exploit DB Packet Storm

267	10.0	CRITICAL Network	traefik	traefik	Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is an authentication bypass vulnerability in Traefik's ForwardAuth middleware when trustFo… New	CWE-345 Insufficient Verification of Data Authenticity	CVE-2026-35051	2026-05-2 02:45	2026-05-1	Show	GitHub Exploit DB Packet Storm

268	9.8	CRITICAL Network	hashcat	hashcat	A stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code v… New	CWE-787 Out-of-bounds Write	CVE-2026-42482	2026-05-2 02:45	2026-05-1	Show	GitHub Exploit DB Packet Storm

269	10.0	CRITICAL Network	traefik	traefik	Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's ForwardAuth and snippe… New	CWE-290 CWE-306 Authentication Bypass by Spoofing Missing Authentication for Critical Function	CVE-2026-39858	2026-05-2 02:44	2026-05-1	Show	GitHub Exploit DB Packet Storm

270	5.3	MEDIUM Network	exim	exim	In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present (malformed UTF-8 header data). Information might be divulged with… New	CWE-125 Out-of-bounds Read	CVE-2026-40686	2026-05-2 02:44	2026-05-1	Show	GitHub Exploit DB Packet Storm