Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2381	5.4	警告 Network	GFI	GFI HelpDesk	GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23758	2026-04-30 12:13	2026-04-20	Show	GitHub Exploit DB Packet Storm

2382	6.5	警告 Network	Mattermost, Inc.	Focalboard	Mattermost, Inc.のFocalboardにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-25773	2026-04-30 12:13	2026-04-3	Show	GitHub Exploit DB Packet Storm

2383	4.3	警告 Network	Mattermost, Inc.	Focalboard	Mattermost, Inc.のFocalboardにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-28736	2026-04-30 12:13	2026-04-3	Show	GitHub Exploit DB Packet Storm

2384	7.8	重要 Local	DeepCool	DeepCreative	DeepCoolのDeepCreativeにおける安全でない継承されたパーミッションに関する脆弱性	CWE-277 安全でない継承されたパーミッション	CVE-2026-30266	2026-04-30 12:13	2026-04-20	Show	GitHub Exploit DB Packet Storm

2385	7.5	重要 Network	Angeet	ES3 KVM Firmware	AngeetのES3 KVM Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-32297	2026-04-30 12:13	2026-03-17	Show	GitHub Exploit DB Packet Storm

2386	9.1	緊急 Network	Angeet	ES3 KVM Firmware	AngeetのES3 KVM FirmwareにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-32298	2026-04-30 12:13	2026-03-17	Show	GitHub Exploit DB Packet Storm

2387	7.5	重要 Network	オラクル	Oracle Financial Services Customer Screening	オラクルのOracle Financial Services Customer Screeningにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-34320	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

2388	5.8	警告 Network	Pavel Zbornik (pavelzbornik)	whisperX REST API	Pavel Zbornik (pavelzbornik)のwhisperX REST APIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-34981	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

2389	7.5	重要 Network	Distribution	Distribution	Distributionにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-35172	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

2390	7.5	重要 Network	UnJS Team	defu	UnJS Teamのdefuにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-35209	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346621	-	oracle	applications e-business_suite	Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrar…	NVD-CWE-Other	CVE-2003-0632	2016-10-18 11:36	2003-08-27	Show	GitHub Exploit DB Packet Storm

346622	-	oracle	applications e-business_suite	Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without…	NVD-CWE-Other	CVE-2003-0633	2016-10-18 11:36	2003-08-27	Show	GitHub Exploit DB Packet Storm

346623	-	novell	ichain	Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown impact, possibly related to unauthorized access to (1) NCPIP.NLM and (2) JSTCP.NLM.	NVD-CWE-Other	CVE-2003-0635	2016-10-18 11:36	2003-08-27	Show	GitHub Exploit DB Packet Storm

346624	-	novell	ichain	Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via…	NVD-CWE-Other	CVE-2003-0638	2016-10-18 11:36	2003-08-27	Show	GitHub Exploit DB Packet Storm

346625	-	novell	ichain	Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication.	NVD-CWE-Other	CVE-2003-0639	2016-10-18 11:36	2003-08-27	Show	GitHub Exploit DB Packet Storm

346626	-	gamespy	arcade	Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) seq…	NVD-CWE-Other	CVE-2003-0650	2016-10-18 11:36	2003-08-27	Show	GitHub Exploit DB Packet Storm

346627	-	xtokkaetama	xtokkaetama	Buffer overflow in xtokkaetama allows local users to gain privileges via a long -nickname command line argument, a different vulnerability than CVE-2003-0611.	NVD-CWE-Other	CVE-2003-0652	2016-10-18 11:36	2003-08-27	Show	GitHub Exploit DB Packet Storm

346628	-	cdrtools	cdrtools	rscsi in cdrtools 2.01 and earlier allows local users to overwrite arbitrary files and gain root privileges by specifying the target file as a command line argument, which is modified while rscsi is …	NVD-CWE-Other	CVE-2003-0655	2016-10-18 11:36	2003-08-27	Show	GitHub Exploit DB Packet Storm

346629	-	eroaster	eroaster	eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile.	NVD-CWE-Other	CVE-2003-0656	2016-10-18 11:36	2003-08-27	Show	GitHub Exploit DB Packet Storm

346630	-	sun	iplanet_directory_server one_directory_server	Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences.	NVD-CWE-Other	CVE-2003-0676	2016-10-18 11:36	2003-08-27	Show	GitHub Exploit DB Packet Storm