Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
208421 3.5 注意 Debian
ownCloud		 - ownCloud Server Community Edition におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-3011 2015-05-12 15:46 2015-03-25 Show GitHub Exploit DB Packet Storm
208422 4.3 警告 KO GmbH
ownCloud		 - WebODF におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-9716 2015-05-12 15:44 2014-12-4 Show GitHub Exploit DB Packet Storm
208423 4.3 警告 Huawei - Huawei SEQ Analyst におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-2347 2015-05-12 15:32 2015-04-16 Show GitHub Exploit DB Packet Storm
208424 5 警告 株式会社ラクス - メールディーラーにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-0915 2015-05-12 12:02 2015-05-12 Show GitHub Exploit DB Packet Storm
208425 5 警告 レッドハット - Red Hat JBoss Enterprise Application の Platformorg.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2014-3481 2015-05-11 18:22 2014-06-26 Show GitHub Exploit DB Packet Storm
208426 6.8 警告 アップル
日立
Apache Software Foundation
オラクル		 - Apache HTTP Server の mod_status モジュールおけるサービス運用妨害 (DoS) の脆弱性 CWE-362
競合状態 		CVE-2014-0226 2015-05-11 18:22 2014-07-14 Show GitHub Exploit DB Packet Storm
208427 5 警告 アップル
Apache Software Foundation
オラクル		 - Apache HTTP Server の mod_cgid モジュールおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2014-0231 2015-05-11 18:22 2014-07-14 Show GitHub Exploit DB Packet Storm
208428 4.9 警告 レッドハット - Red Hat JBoss Enterprise Application Platform で使用される JBoss Application Server の SimpleSecurityManager の isCallerInRole 関数におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-3472 2015-05-11 18:22 2014-08-6 Show GitHub Exploit DB Packet Storm
208429 10 危険 アップル
日立
サン・マイクロシステムズ		 - Oracle Java SE の Java Runtime Environment (JRE) における Hotspot の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2012-1723 2015-05-11 16:24 2012-06-12 Show GitHub Exploit DB Packet Storm
208430 9.3 危険 マイクロソフト - Microsoft Word およびその他の製品における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-1761 2015-05-11 16:24 2014-03-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
91 7.8 HIGH
Local 		- - Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) … New CWE-123
 Write-what-where Condition 		CVE-2026-41952 2026-04-30 00:16 2026-04-30 Show GitHub Exploit DB Packet Storm
92 7.8 HIGH
Local 		- - Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) … New CWE-787
 Out-of-bounds Write 		CVE-2026-41220 2026-04-30 00:16 2026-04-30 Show GitHub Exploit DB Packet Storm
93 - - - Cockpit v2.13.5 and earlier is vulnerable to arbitrary code execution via the filter parameter within multiple endpoints. This vulnerability allows an attacker to run system commands on the underlyin… New - CVE-2026-38992 2026-04-30 00:16 2026-04-30 Show GitHub Exploit DB Packet Storm
94 - - - TOTOLINK N200RE V5 was discovered to contain a command injection vulnerability via the macstr and bandstr parameters in the formMapDelDevice function. New - CVE-2026-36841 2026-04-30 00:16 2026-04-30 Show GitHub Exploit DB Packet Storm
95 6.7 MEDIUM
Local 		- - Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212. New CWE-427
 Uncontrolled Search Path Element 		CVE-2026-25852 2026-04-30 00:16 2026-04-30 Show GitHub Exploit DB Packet Storm
96 3.1 LOW
Network 		- - Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the following are true: * the ap… New CWE-524
 Use of Cache Containing Sensitive Information 		CVE-2026-22741 2026-04-30 00:16 2026-04-29 Show GitHub Exploit DB Packet Storm
97 6.5 MEDIUM
Network 		- - A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully pr… New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-22740 2026-04-30 00:16 2026-04-29 Show GitHub Exploit DB Packet Storm
98 9.8 CRITICAL
Network 		pipecat pipecat Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. Versions 0.0.41 through 0.0.93 have a vulnerability in `LivekitFrameSerializer` – an opti… Update CWE-502
 Deserialization of Untrusted Data 		CVE-2025-62373 2026-04-30 00:00 2026-04-24 Show GitHub Exploit DB Packet Storm
99 6.1 MEDIUM
Network 		cure53 dompurify DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions prior to 3.4.0 have an inconsistency between FORBID_TAGS and FORBID_ATTR handling when function-based ADD_TA… Update CWE-79
CWE-183
Cross-site Scripting
 Permissive List of Allowed Inputs 		CVE-2026-41240 2026-04-29 23:58 2026-04-24 Show GitHub Exploit DB Packet Storm
100 9.8 CRITICAL
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption The -EBUSY handling in tls_do_encryption(), introduced by c… Update CWE-416
 Use After Free 		CVE-2026-31533 2026-04-29 23:51 2026-04-24 Show GitHub Exploit DB Packet Storm