Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
208641	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2015-3039	2015-04-22 17:49	2015-04-14	Show	GitHub Exploit DB Packet Storm

208642	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2015-3038	2015-04-22 17:49	2015-04-14	Show	GitHub Exploit DB Packet Storm

208643	7.5	危険	アップルサン・マイクロシステムズ日立 IBM オラクル	-	複数の Oracle Java 製品における JAXP に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-5802	2015-04-22 17:33	2013-10-15	Show	GitHub Exploit DB Packet Storm

208644	5	警告	アップルサン・マイクロシステムズ日立 IBM オラクル	-	複数の Oracle Java 製品における JAXP に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-5825	2015-04-22 17:32	2013-10-15	Show	GitHub Exploit DB Packet Storm

208645	4.3	警告	IBM Apache Software Foundation アップルサイバートラスト株式会社富士通 NetBSD ヒューレット・パッカードターボリナックスレッドハット FreeBSD オラクル Google 日立 OpenBSD	-	Apache Portable Runtime ライブラリなどの製品で使用される apr_fnmatch.c および fnmatch.c におけるサービス運用妨害 (CPU とメモリ消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0419	2015-04-22 16:23	2011-03-10	Show	GitHub Exploit DB Packet Storm

208646	5.8	警告	日立 Apache Software Foundation	-	Apache Axis の getCN 関数における SSL サーバになりすまされる脆弱性	CWE-Other その他	CVE-2014-3596	2015-04-22 15:11	2014-08-19	Show	GitHub Exploit DB Packet Storm

208647	5	警告	DELL EMC (旧 EMC Corporation) 日立	-	EMC RSA BSAFE-C Toolkits の Dual_EC_DRBG の実装における TLS セッションから平文を取得される脆弱性	CWE-310 暗号の問題	CVE-2014-4192	2015-04-22 14:45	2014-04-7	Show	GitHub Exploit DB Packet Storm

208648	4.6	警告	Linux	-	Linux Kernel の net/rds/sysctl.c におけるカーネルメモリから重要な情報を取得される脆弱性	CWE-Other その他	CVE-2015-2042	2015-04-22 12:07	2015-02-5	Show	GitHub Exploit DB Packet Storm

208649	4.6	警告	Linux	-	Linux Kernel の net/llc/sysctl_net_llc.c におけるカーネルメモリから重要な情報を取得される脆弱性	CWE-Other その他	CVE-2015-2041	2015-04-22 12:07	2015-01-25	Show	GitHub Exploit DB Packet Storm

208650	4.3	警告	シスコシステムズ	-	Cisco Unified MeetingPlace の管理 Web インターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-0703	2015-04-22 11:52	2015-04-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
171	6.5	MEDIUM Network	-	-	Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Frontend: from n/a through 4.3.1. New	CWE-862 Missing Authorization	CVE-2026-42412	2026-04-29 18:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

172	-		-	-	SQL injection (SQLi) in MegaCMS v12.0.0, specifically in the “id_territorio” parameter of the “/web_comunications/cms/get_provincias” endpoint. The vulnerability arises from inadequate validation and… New	CWE-89 SQL Injection	CVE-2026-3325	2026-04-29 18:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

173	6.1	MEDIUM Network	-	-	The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the injection of malicious Java… New	CWE-79 Cross-site Scripting	CVE-2025-10503	2026-04-29 18:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

174	7.3	HIGH Network	-	-	Missing Authorization vulnerability in Brainstorm Force SureForms Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SureForms Pro: from n/a through 2.8.… New	CWE-862 Missing Authorization	CVE-2026-42377	2026-04-29 17:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

175	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. New	-	CVE-2026-40556	2026-04-29 17:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

176	9.6	CRITICAL Network	-	-	Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Thunderbird 150, and Firefox ESR 140.10.1. New	CWE-120 Classic Buffer Overflow	CVE-2026-7321	2026-04-29 15:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

177	7.1	HIGH Network	-	-	Dell iDRAC10, versions 1.20.70.50 and 1.30.05.10, contains an Insufficiently Protected Credentials vulnerability. A race condition vulnerability exists that could allow an authenticated low‑privilege… New	CWE-522 Insufficiently Protected Credentials	CVE-2026-35155	2026-04-29 14:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

178	-		-	-	Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application. New	-	CVE-2026-21023	2026-04-29 14:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

179	7.2	HIGH Network	-	-	GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /#recipe=Show_Base64_offsets('%3Cscript substring. New	CWE-79 Cross-site Scripting	CVE-2026-42615	2026-04-29 13:16	2026-04-29	Show	GitHub Exploit DB Packet Storm

180	4.3	MEDIUM Network	-	-	Dell Disk Library for Mainframe, version(s) DLm 8700/2700 contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A low privileged attacker with remote access could potentially exploit this vu… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-23773	2026-04-29 13:16	2026-04-29	Show	GitHub Exploit DB Packet Storm