Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250801 4.3 警告 g.rodola - pyftpdlib の FTPHandler クラスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-362
競合状態 		CVE-2009-5010 2012-03-27 18:42 2008-11-16 Show GitHub Exploit DB Packet Storm
250802 5 警告 IBM - IBM TFIM におけるアサーションを偽造される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-7299 2012-03-27 18:42 2011-08-12 Show GitHub Exploit DB Packet Storm
250803 5.8 警告 Android - Android の Android ブラウザにおける任意クッキーが上書きまたは削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7298 2012-03-27 18:42 2011-08-9 Show GitHub Exploit DB Packet Storm
250804 5.8 警告 Opera Software ASA - Opera における任意の Cookie を上書きおよび削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7297 2012-03-27 18:42 2011-08-9 Show GitHub Exploit DB Packet Storm
250805 5.8 警告 アップル - Apple の Safari における任意のクッキーを上書きまたは削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7296 2012-03-27 18:42 2011-08-9 Show GitHub Exploit DB Packet Storm
250806 5.8 警告 マイクロソフト - Microsoft Internet Explorer における任意のクッキーを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7295 2012-03-27 18:42 2011-08-9 Show GitHub Exploit DB Packet Storm
250807 5.8 警告 Google - Google Chrome における任意のクッキーを上書きまたは削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7294 2012-03-27 18:42 2011-08-9 Show GitHub Exploit DB Packet Storm
250808 5.8 警告 Mozilla Foundation - Mozilla Firefox における任意のクッキーを上書きまたは削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7293 2012-03-27 18:42 2011-08-9 Show GitHub Exploit DB Packet Storm
250809 2.1 注意 Mozilla Foundation - Bugzilla における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-7292 2012-03-27 18:42 2011-08-9 Show GitHub Exploit DB Packet Storm
250810 4 警告 IBM - IBM TDS の ldap_explode_rdn API 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-7290 2012-03-27 18:42 2011-04-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3191 - - - Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall handles URL-encoded slashes (%2F) in a case-sensitive manner, while percent-enc… CWE-178
CWE-436
 Improper Handling of Case Sensitivity
 Interpretation Conflict 		CVE-2026-42272 2026-05-9 01:03 2026-05-8 Show GitHub Exploit DB Packet Storm
3192 - - - Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are cas… CWE-178
CWE-436
 Improper Handling of Case Sensitivity
 Interpretation Conflict 		CVE-2026-42273 2026-05-9 01:03 2026-05-8 Show GitHub Exploit DB Packet Storm
3193 - - - Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs rule matching on the raw (non-normalized) request path, while downstre… CWE-35
CWE-436
 Path Traversal: '.../...//'
 Interpretation Conflict 		CVE-2026-42274 2026-05-9 01:03 2026-05-8 Show GitHub Exploit DB Packet Storm
3194 7.5 HIGH
Network 		coredns.io coredns CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-QUIC (DoQ) server can be driven into unbounded goroutine and memory growth by a remote client that opens many QU… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-32934 2026-05-9 01:03 2026-05-6 Show GitHub Exploit DB Packet Storm
3195 7.5 HIGH
Network 		coredns.io coredns CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-HTTPS (DoH) GET path accepts oversized dns= query parameter values and performs URL query parsing, base64 decodi… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-32936 2026-05-9 01:02 2026-05-6 Show GitHub Exploit DB Packet Storm
3196 4.1 MEDIUM
Network 		- - Kimai is an open-source time tracking application. From version 2.32.0 to before version 2.56.0, users with the role System-Admin (ROLE_SYSTE_ADMIN) and the permission upload_invoice_template can upl… CWE-22
Path Traversal 		CVE-2026-44298 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
3197 7.8 HIGH
Local 		- - The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service… CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2022-26522 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
3198 5.3 MEDIUM
Local 		- - The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service… CWE-400
 Uncontrolled Resource Consumption 		CVE-2022-26523 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
3199 6.5 MEDIUM
Network 		- - Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field. CWE-78
OS Command  		CVE-2022-45899 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
3200 5.8 MEDIUM
Network 		- - solidtime is an open-source time-tracking app. In version 0.12.0, the PUT /api/v1/organizations/{organization}/time-entries/{timeEntry} API accepts a route-bound timeEntry from another organization w… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-42279 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm