Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
220671	5	警告	オラクル	-	Oracle Siebel CRM の Siebel Core - EAI における Web Services に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3841	2013-10-17 18:58	2013-10-15	Show	GitHub Exploit DB Packet Storm

220672	4	警告	オラクル	-	Oracle Siebel CRM の Siebel Core - EAI における Web Services に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3840	2013-10-17 18:57	2013-10-15	Show	GitHub Exploit DB Packet Storm

220673	4	警告	オラクル	-	Oracle Siebel CRM の Siebel Server Remote における File System Management に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3832	2013-10-17 18:57	2013-10-15	Show	GitHub Exploit DB Packet Storm

220674	5	警告	オラクル	-	Oracle Database Server の Core RDBMS における脆弱性	CWE-noinfo 情報不足	CVE-2013-3826	2013-10-17 18:14	2013-10-15	Show	GitHub Exploit DB Packet Storm

220675	6.4	警告	オラクル	-	Oracle Database Server の XML Parser における脆弱性	CWE-noinfo 情報不足	CVE-2013-5771	2013-10-17 18:13	2013-10-15	Show	GitHub Exploit DB Packet Storm

220676	4	警告	オラクル	-	Oracle Primavera Products Suite の Primavera P6 Enterprise Project Portfolio Management における Web Access に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3766	2013-10-17 18:10	2013-10-15	Show	GitHub Exploit DB Packet Storm

220677	5	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Portal に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-5794	2013-10-17 18:08	2013-10-15	Show	GitHub Exploit DB Packet Storm

220678	4	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における PIA Core Technology に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-5779	2013-10-17 18:08	2013-10-15	Show	GitHub Exploit DB Packet Storm

220679	5	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における XML Publisher に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-5765	2013-10-17 18:08	2013-10-15	Show	GitHub Exploit DB Packet Storm

220680	5	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Integration Broker に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-3835	2013-10-17 18:08	2013-10-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
681	4.3	MEDIUM Network	-	-	A missing permission check in Jenkins Script Security Plugin 1399.ve6a_66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths.	CWE-862 Missing Authorization	CVE-2026-42519	2026-05-1 00:11	2026-04-29	Show	GitHub Exploit DB Packet Storm

682	7.5	HIGH Network	-	-	Jenkins Credentials Binding Plugin 719.v80e905ef14eb_ and earlier does not sanitize file names for file and zip file credentials, allowing attackers able to provide credentials to a job to write file…	CWE-22 Path Traversal	CVE-2026-42520	2026-05-1 00:11	2026-04-29	Show	GitHub Exploit DB Packet Storm

683	3.1	LOW Network	-	-	Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the following are true: * the ap…	CWE-524 Use of Cache Containing Sensitive Information	CVE-2026-22741	2026-05-1 00:11	2026-04-29	Show	GitHub Exploit DB Packet Storm

684	6.5	MEDIUM Network	-	-	Jenkins Matrix Authorization Strategy Plugin 2.0-beta-1 through 3.2.9 (both inclusive) invokes parameterless constructors of classes specified in configuration when deserializing inheritance strategi…	CWE-502 Deserialization of Untrusted Data	CVE-2026-42521	2026-05-1 00:11	2026-04-29	Show	GitHub Exploit DB Packet Storm

685	4.3	MEDIUM Network	-	-	A missing permission check in Jenkins GitHub Branch Source Plugin 1967.vdea_d580c1a_b_a_ and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL with attacke…	CWE-862 Missing Authorization	CVE-2026-42522	2026-05-1 00:11	2026-04-29	Show	GitHub Exploit DB Packet Storm

686	9.0	CRITICAL Network	-	-	Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature "GitHub hook trigger for GITScm polling", resulting in a…	CWE-79 Cross-site Scripting	CVE-2026-42523	2026-05-1 00:11	2026-04-29	Show	GitHub Exploit DB Packet Storm

687	8.0	HIGH Network	-	-	Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with…	CWE-79 Cross-site Scripting	CVE-2026-42524	2026-05-1 00:11	2026-04-29	Show	GitHub Exploit DB Packet Storm

688	8.0	HIGH Adjacent	-	-	A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions.	CWE-306 CWE-1390 Missing Authentication for Critical Function Weak Authentication	CVE-2026-0204	2026-05-1 00:11	2026-04-30	Show	GitHub Exploit DB Packet Storm

689	6.8	MEDIUM Adjacent	-	-	A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.	CWE-35 Path Traversal: '.../...//'	CVE-2026-0205	2026-05-1 00:11	2026-04-30	Show	GitHub Exploit DB Packet Storm

690	4.9	MEDIUM Network	-	-	A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall.	CWE-121 Stack-based Buffer Overflow	CVE-2026-0206	2026-05-1 00:11	2026-04-30	Show	GitHub Exploit DB Packet Storm