Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
219891	2.1	注意	MediaFront	-	Drupal 用 MediaFront モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-4380	2014-05-22 16:15	2013-09-11	Show	GitHub Exploit DB Packet Storm

219892	10	危険	EFS Software	-	Easy File Sharing Web Server におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-3791	2014-05-22 16:01	2014-05-10	Show	GitHub Exploit DB Packet Storm

219893	7.5	危険	The Chicken Team	-	CHICKEN stable および development snapshots におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-3776	2014-05-22 15:52	2014-05-18	Show	GitHub Exploit DB Packet Storm

219894	6.5	警告	TYPO3 Association	-	TYPO3 の File Abstraction Layer における任意の PHP コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-4321	2014-05-22 15:19	2013-09-4	Show	GitHub Exploit DB Packet Storm

219895	5.5	警告	TYPO3 Association	-	TYPO3 の File Abstraction Layer における任意のファイルを作成または読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-4320	2014-05-22 15:18	2013-09-4	Show	GitHub Exploit DB Packet Storm

219896	6.5	警告	TYPO3 Association	-	TYPO3 の file upload コンポーネントおよび File Abstraction Layer における任意の PHP コードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2013-4250	2014-05-22 15:18	2013-07-30	Show	GitHub Exploit DB Packet Storm

219897	4	警告	TYPO3 Association	-	TYPO3 の Backend History モジュールにおける任意のレコードの履歴を読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-6146	2014-05-22 15:18	2012-11-8	Show	GitHub Exploit DB Packet Storm

219898	7.5	危険	Construtiva Internet Software	-	Construtiva CIS Manager における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-3749	2014-05-22 15:13	2014-05-16	Show	GitHub Exploit DB Packet Storm

219899	6.8	警告	マイクロソフト	-	Microsoft Visual Studio で配布される Microsoft Debug Interface Access SDK おける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2014-3802	2014-05-22 14:40	2014-05-14	Show	GitHub Exploit DB Packet Storm

219900	6.8	警告	Beetel	-	Beetel 450TC2 ルータのファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-3792	2014-05-22 14:35	2014-04-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2831	5.5	MEDIUM Local	dell	powerflex_appliance_intelligent_catalog powerflex_manager powerflex_rack	Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Insecure Storage of Sensitive Information vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnera…	CWE-922 Insecure Storage of Sensitive Information	CVE-2025-32746	2026-05-23 05:45	2026-05-22	Show	GitHub Exploit DB Packet Storm

2832	7.8	HIGH Local	dell	powerflex_appliance_intelligent_catalog powerflex_manager powerflex_rack	Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leadi…	CWE-266 Incorrect Privilege Assignment	CVE-2025-32747	2026-05-23 05:45	2026-05-22	Show	GitHub Exploit DB Packet Storm

2833	7.5	HIGH Network	dell	powerflex_appliance_intelligent_catalog powerflex_manager powerflex_rack	Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Exposure of Information Through Directory Listing vulnerability. An unauthenticated attacker with remote access could potentially exploit thi…	CWE-276 Incorrect Default Permissions	CVE-2025-32749	2026-05-23 05:44	2026-05-22	Show	GitHub Exploit DB Packet Storm

2834	8.2	HIGH Local	-	-	The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trust_remote_code=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoT…	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2026-5817	2026-05-23 05:44	2026-05-23	Show	GitHub Exploit DB Packet Storm

2835	8.2	HIGH Local	-	-	The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the model_file configur…	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2026-5843	2026-05-23 05:44	2026-05-23	Show	GitHub Exploit DB Packet Storm

2836	5.5	MEDIUM Local	dell	powerflex_appliance_intelligent_catalog powerflex_manager powerflex_rack	Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Insecure Storage of Sensitive Information vulnerability. A low privileged attacker with local access could potentially exploit this vulnerabi…	CWE-922 Insecure Storage of Sensitive Information	CVE-2025-32751	2026-05-23 05:40	2026-05-23	Show	GitHub Exploit DB Packet Storm

2837	5.5	MEDIUM Local	dell	powerflex_appliance_intelligent_catalog powerflex_manager powerflex_rack	Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the ssh. A low privileged attacker with local access could potentially explo…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2025-46371	2026-05-23 05:40	2026-05-23	Show	GitHub Exploit DB Packet Storm

2838	7.1	HIGH Network	-	-	Insecure deserialization in the job results processing component in Amazon Braket SDK before 1.117.0 might allow a remote authenticated user with S3 write access to the job output bucket to achieve a…	CWE-502 Deserialization of Untrusted Data	CVE-2026-9291	2026-05-23 05:31	2026-05-23	Show	GitHub Exploit DB Packet Storm

2839	-		-	-	Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.11.0 through 2.28.1 allow any authenticated user to inject arbitrary HTML by updating their account's font family. Upon explo…	CWE-79 Cross-site Scripting	CVE-2026-40596	2026-05-23 05:31	2026-05-23	Show	GitHub Exploit DB Packet Storm

2840	-		-	-	Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.28.1 and below, given any pre-existing XSS / HTML injection vulnerability, an attacker can bypass the Content Security Pol…	CWE-79 CWE-358 Cross-site Scripting Improperly Implemented Security Check for Standard	CVE-2026-40597	2026-05-23 05:31	2026-05-23	Show	GitHub Exploit DB Packet Storm