Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
210411 5.4 警告 Tektite - Android 用 Turbo River Racing Free アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5712 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
210412 5.4 警告 マイクロソフト - Android 用 Microsoft Tech Companion アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5711 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
210413 5.4 警告 Fast Lane Institute for Knowledge Transfer GmbH - Android 用 Cisco Class Locator Fast Lane アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5710 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
210414 5.4 警告 Sunstorm Games LLC - Android 用 Donut Maker アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5709 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
210415 5.4 警告 GameInfo - Android 用 Best Racing/moto Games Ranking アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5708 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
210416 5.4 警告 Animoca - Android 用 Bunny Run アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5707 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
210417 5.4 警告 Wizard Works - Android 用 SomNote - Journal/Memo アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5706 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
210418 5.4 警告 SEGA of America - Android 用 Sonic CD Lite アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5705 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
210419 5.4 警告 mr384 project - Android 用 Mzone Login アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5665 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
210420 5.4 警告 playstudio - Android 用 Brisbane & Queensland Alert アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-4906 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
961 3.3 LOW
Local 		- - A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8 filename bytes when using target-directory forms (e.g., ln SOURCE... DIRECTORY). Whi… New CWE-176
 Improper Handling of Unicode Encoding 		CVE-2026-35373 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
962 6.3 MEDIUM
Local 		- - A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the split utility of uutils coreutils. The program attempts to prevent data loss by checking for identity between input and output file… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-35374 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
963 3.3 LOW
Local 		- - A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation utilizes to_string_lossy() wh… New CWE-176
 Improper Handling of Unicode Encoding 		CVE-2026-35375 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
964 4.5 MEDIUM
Local 		- - A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the chcon utility of uutils coreutils during recursive operations. The implementation resolves recursive targets using a fresh path loo… New CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-35376 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
965 3.3 LOW
Local 		- - A logic error in the env utility of uutils coreutils causes a failure to correctly parse command-line arguments when utilizing the -S (split-string) option. In GNU env, backslashes within single quot… New CWE-20
 Improper Input Validation  		CVE-2026-35377 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
966 3.3 LOW
Local 		- - A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phase. This implementation flaw… New CWE-768
CVE-2026-35378 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
967 3.3 LOW
Local 		- - A logic error in the tr utility of uutils coreutils causes the program to incorrectly define the [:graph:] and [:print:] character classes. The implementation mistakenly includes the ASCII space char… New CWE-684
 Incorrect Provision of Specified Functionality 		CVE-2026-35379 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
968 8.1 HIGH
Network 		- - Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0… New CWE-121
Stack-based Buffer Overflow 		CVE-2026-26354 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
969 - - - An authenticated attacker can store a crafted tag value in _user_tags and trigger JavaScript execution when a victim opens the list/report view where tags are rendered. The vulnerable renderer interp… New CWE-79
Cross-site Scripting 		CVE-2026-3673 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm
970 - - - http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence </script> inside the gen… New CWE-150
 Improper Neutralization of Escape, Meta, or Control Sequences 		CVE-2026-6019 2026-04-23 06:23 2026-04-23 Show GitHub Exploit DB Packet Storm