Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2331 7.5 重要
Network 		follow-redirects project Follow Redirects Follow Redirects projectのFollow Redirectsにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2026-40895 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2332 6.5 警告
Network 		WWBN AVideo WWBNのAVideoにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-40907 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2333 5.3 警告
Network 		WWBN AVideo WWBNのAVideoにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-40908 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2334 6.5 警告
Network 		WWBN AVideo WWBNのAVideoにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40909 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2335 5.4 警告
Network 		Docmost Docmost Docmostにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40927 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2336 5.4 警告
Network 		WWBN AVideo WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40928 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2337 5.4 警告
Network 		WWBN AVideo WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40929 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2338 7.8 重要
Local 		node-modules compressing node-modulesのcompressingにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-40931 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2339 5.3 警告
Network 		WWBN AVideo WWBNのAVideoにおける推測可能な CAPTCHA の脆弱性 CWE-804
推測可能な CAPTCHA 		CVE-2026-40935 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
2340 5.3 警告
Network 		WWBN AVideo WWBNのAVideoにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-41055 2026-04-27 11:20 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346901 - oracle peoplesoft_enterprise Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.03 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE03. NVD-CWE-noinfo
CVE-2005-3463 2016-05-12 03:14 2005-11-2 Show GitHub Exploit DB Packet Storm
346902 - apple
perry_kiehtreiber 		mac_os_x
mac_os_x_server
securityd 		Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2005-2741 2016-05-10 01:50 2005-10-26 Show GitHub Exploit DB Packet Storm
346903 - sgi irix Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently restrict access rights for read-mostly exports, which allows attackers to conduct unauthorized activit… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2005-0139 2016-05-10 01:49 2005-09-22 Show GitHub Exploit DB Packet Storm
346904 - sgi irix rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs … CWE-17
Code 		CVE-2005-0138 2016-05-10 00:32 2005-09-22 Show GitHub Exploit DB Packet Storm
346905 - - - Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.42 up to 8.45.17 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE01. NVD-CWE-Other
CVE-2005-3461 2016-04-30 10:59 2005-11-2 Show GitHub Exploit DB Packet Storm
346906 - geodesicsolutions geoauctions_premier
geoclassifieds_basic 		SQL injection vulnerability in index.php in GeodesicSolutions (1) GeoAuctions Premier 2.0.3 and (2) GeoClassifieds Basic 2.0.3 allows remote attackers to execute arbitrary SQL commands via the b para… CWE-89
SQL Injection 		CVE-2006-3823 2015-09-2 01:59 2006-07-25 Show GitHub Exploit DB Packet Storm
346907 - geodesicsolutions geoauctions_premier
geoclassifieds_basic 		Successful exploitation requires that the 'accumulative feedback' feature is turned on. CWE-89
SQL Injection 		CVE-2006-3823 2015-09-2 01:59 2006-07-25 Show GitHub Exploit DB Packet Storm
346908 - roundcube webmail Roundcube 0.3.1 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote attackers to determine the netwo… CWE-200
Information Exposure 		CVE-2010-0464 2015-08-25 01:43 2010-01-30 Show GitHub Exploit DB Packet Storm
346909 - ez ez_publish eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request… CWE-399
 Resource Management Errors 		CVE-2005-4857 2015-07-29 00:04 2005-12-31 Show GitHub Exploit DB Packet Storm
346910 - ez ez_publish The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051110 does not properly handle authorization errors, which allows remote attackers to obtain … CWE-19
 Data Processing Errors 		CVE-2005-4856 2015-07-29 00:03 2005-12-31 Show GitHub Exploit DB Packet Storm