Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
220531 4 警告 IBM - IBM Sterling B2B Integrator および Sterling File Gateway における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-0568 2013-10-24 10:52 2013-06-30 Show GitHub Exploit DB Packet Storm
220532 4 警告 IBM - IBM Sterling B2B Integrator および Sterling File Gateway における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-0567 2013-10-24 10:51 2013-03-27 Show GitHub Exploit DB Packet Storm
220533 4 警告 IBM - IBM Sterling B2B Integrator および Sterling File Gateway におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0479 2013-10-24 10:46 2013-06-30 Show GitHub Exploit DB Packet Storm
220534 4 警告 IBM - IBM Sterling B2B Integrator および Sterling File Gateway における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-0463 2013-10-23 18:41 2013-06-30 Show GitHub Exploit DB Packet Storm
220535 4.6 警告 シスコシステムズ - Cisco Unified Computing System のファブリックインターコネクトコンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-5550 2013-10-23 16:51 2013-10-21 Show GitHub Exploit DB Packet Storm
220536 5.4 警告 シスコシステムズ - Cisco Adaptive Security Appliance ソフトウェアの VPN 認証機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-5544 2013-10-23 16:45 2013-10-22 Show GitHub Exploit DB Packet Storm
220537 10 危険 IBM - IBM WebSphere DataPower XC10 アプライアンス上で稼働するコンソールにおける脆弱性 CWE-noinfo
情報不足 		CVE-2013-5446 2013-10-23 16:42 2013-10-18 Show GitHub Exploit DB Packet Storm
220538 7.1 危険 IBM - IBM WebSphere DataPower XC10 アプライアンスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-5428 2013-10-23 16:39 2013-10-18 Show GitHub Exploit DB Packet Storm
220539 5.8 警告 シスコシステムズ - Open Shortest Path First (OSPF) プロトコルの Link State Advertisement (LSA) に関する問題 CWE-noinfo
情報不足 		CVE-2013-0149 2013-10-23 14:46 2013-08-1 Show GitHub Exploit DB Packet Storm
220540 10 危険 MySQL AB
オラクル		 - MySQL における脆弱性 CWE-noinfo
情報不足 		CVE-2012-2750 2013-10-23 14:44 2012-08-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
761 7.5 HIGH
Network 		vmware spring_boot Values produced by ${random.value} are not suitable for use as secrets. ${random.uuid} is not affected. ${random.int} and ${random.long} should never be used for secrets as they are numeric values wi… CWE-330
 Use of Insufficiently Random Values 		CVE-2026-40975 2026-04-30 22:57 2026-04-28 Show GitHub Exploit DB Packet Storm
762 9.1 CRITICAL
Network 		vmware spring_boot In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web applica… CWE-862
 Missing Authorization 		CVE-2026-40976 2026-04-30 22:54 2026-04-28 Show GitHub Exploit DB Packet Storm
763 6.7 MEDIUM
Local 		vmware spring_boot When an application is configured to use `ApplicationPidFileWriter`, a local attacker with write access to the PID file's location can corrupt one file on the host each time the application is starte… CWE-59
Link Following 		CVE-2026-40977 2026-04-30 22:37 2026-04-28 Show GitHub Exploit DB Packet Storm
764 8.8 HIGH
Network 		vmware spring_grpc When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the … CWE-653
 Improper Isolation or Compartmentalization 		CVE-2026-40968 2026-04-30 22:32 2026-04-29 Show GitHub Exploit DB Packet Storm
765 8.8 HIGH
Network 		dlink dir-825m_firmware A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function sub_4151FC of the file /boafrm/formVpnConfigSetup. The manipulation of the argument submit-url leads … CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7288 2026-04-30 22:27 2026-04-29 Show GitHub Exploit DB Packet Storm
766 5.3 MEDIUM
Network 		vmware spring_grpc The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the a… CWE-209
Information Exposure Through an Error Message 		CVE-2026-40969 2026-04-30 22:24 2026-04-29 Show GitHub Exploit DB Packet Storm
767 8.8 HIGH
Network 		dlink dir-825m_firmware A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer o… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7289 2026-04-30 22:19 2026-04-29 Show GitHub Exploit DB Packet Storm
768 5.3 MEDIUM
Network 		openclaw openclaw OpenClaw before 2026.3.31 performs Discord audio preflight transcription before validating member authorization, allowing unauthenticated attackers to consume resources. Remote attackers can trigger … CWE-408
 Incorrect Behavior Order: Early Amplification 		CVE-2026-41374 2026-04-30 22:19 2026-04-29 Show GitHub Exploit DB Packet Storm
769 9.4 CRITICAL
Network 		dlink di-8100_firmware A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffe… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7248 2026-04-30 22:18 2026-04-28 Show GitHub Exploit DB Packet Storm
770 4.3 MEDIUM
Network 		- - VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cros… CWE-352
 Origin Validation Error 		CVE-2018-25310 2026-04-30 22:16 2026-04-30 Show GitHub Exploit DB Packet Storm