Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 6:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
222311	5	警告	Little CMS	-	OpenJDK などの製品で使用される Little CMS におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2013-4160	2014-01-24 14:02	2013-06-25	Show	GitHub Exploit DB Packet Storm

222312	5	警告	シスコシステムズ	-	Cisco ASR 5000 シリーズのデバイス上で稼働する Gateway GPRS Support Node コンポーネントにおけるトップアップ支払の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0669	2014-01-24 13:56	2014-01-22	Show	GitHub Exploit DB Packet Storm

222313	4	警告	シスコシステムズ	-	Cisco MediaSens の Search and Play インターフェースにおける任意の記録をダウンロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-0672	2014-01-24 12:28	2014-01-22	Show	GitHub Exploit DB Packet Storm

222314	5.8	警告	シスコシステムズ	-	Cisco MediaSense におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2014-0671	2014-01-24 12:24	2014-01-22	Show	GitHub Exploit DB Packet Storm

222315	4.3	警告	シスコシステムズ	-	Cisco MediaSense の Search and Play インターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-0670	2014-01-24 12:17	2014-01-22	Show	GitHub Exploit DB Packet Storm

222316	6.8	警告	Seagate Technology LLC	-	Seagate BlackArmor NAS 220 デバイスのファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-6922	2014-01-23 18:35	2013-12-3	Show	GitHub Exploit DB Packet Storm

222317	7.2	危険	レッドハット	-	Red Hat Enterprise Virtualization で使用される SPICE サービスにおける権限を取得される脆弱性	CWE-Other その他	CVE-2013-2152	2014-01-23 18:17	2013-06-10	Show	GitHub Exploit DB Packet Storm

222318	3.2	注意	Linux NFS	-	nfs-utils の rpc-gssd におけるその他の制限ファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2013-1923	2014-01-23 18:13	2013-04-3	Show	GitHub Exploit DB Packet Storm

222319	7.2	危険	レッドハット	-	Red Hat Enterprise Virtualization における権限を取得される脆弱性	CWE-Other その他	CVE-2013-2151	2014-01-23 18:12	2013-06-10	Show	GitHub Exploit DB Packet Storm

222320	9.3	危険	Lenovo	-	Lenovo Thinkpad Bluetooth with Enhanced Data Rate ソフトウェアにおける任意のコードを実行される脆弱性	CWE-Other その他	CVE-2013-1361	2014-01-23 17:57	2013-01-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1911	6.3	MEDIUM Network	-	-	A vulnerability was identified in JeecgBoot up to 3.9.1. The impacted element is an unknown function of the file /sys/comment/add. Such manipulation leads to improper access controls. The attack can …	CWE-266 CWE-284 Incorrect Privilege Assignment Improper Access Control	CVE-2026-9581	2026-05-28 23:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1912	7.5	HIGH Network	archive\	\	Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. _read_tar() reads each entry's payload with $handle->read($$data, $block), …	CWE-789 Memory Allocation with Excessive Size Value	CVE-2026-9538	2026-05-28 23:16	2026-05-26	Show	GitHub Exploit DB Packet Storm

1913	7.5	HIGH Network	-	-	The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key.	CWE-524 Use of Cache Containing Sensitive Information	CVE-2026-48901	2026-05-28 23:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1914	7.8	HIGH Local	-	-	A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker ca…	CWE-787 Out-of-bounds Write	CVE-2026-48864	2026-05-28 23:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1915	7.7	HIGH Network	-	-	Budibase is an open-source low-code platform. Prior to 3.38.1, the REST datasource integration (packages/server/src/integrations/rest.ts) follows HTTP redirects without re-checking the IP blacklist, …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45715	2026-05-28 23:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

1916	10.0	CRITICAL Network	-	-	Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is started in REST API server mode (dalfox server), the server binds to 0.0.0.0:6664 by de…	CWE-15 CWE-78 CWE-306 External Control of System or Configuration Setting OS Command Missing Authentication for Critical Function	CVE-2026-45087	2026-05-28 23:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

1917	5.0	MEDIUM Network	-	-	Vowpal Wabbit is a machine learning system. The workflow .github/workflows/python_checks.yml embeds ${{ github.event.pull_request.title }} directly inside double-quoted bash strings in four separate …	CWE-78 CWE-1336 OS Command Improper Neutralization of Special Elements Used in a Template Engine	CVE-2026-44723	2026-05-28 23:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1918	7.9	HIGH Local	-	-	pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption…	CWE-59 CWE-287 Link Following Improper Authentication	CVE-2026-44711	2026-05-28 23:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

1919	7.5	HIGH Network	archive\	\	Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. _make_special_file() passes the tar header's linkname to link() without va…	CWE-59 CWE-732 Link Following Incorrect Permission Assignment for Critical Resource	CVE-2026-42497	2026-05-28 23:16	2026-05-26	Show	GitHub Exploit DB Packet Storm

1920	9.1	CRITICAL Network	archive\	\	Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. _make_special_file() passes the tar header's linkname to symlink() with…	CWE-59 Link Following	CVE-2026-42496	2026-05-28 23:16	2026-05-26	Show	GitHub Exploit DB Packet Storm