Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250991	7.1	危険	ヒューレット・パッカード	-	HP OpenView Storage Data Protector におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2011-0275	2012-03-27 18:42	2011-01-24	Show	GitHub Exploit DB Packet Storm

250992	3.5	注意	IBM	-	IBM Runtimes for Java Technology で使用される IBM Java のクラスファイルパーサーにおけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2011-0311	2012-03-27 18:42	2010-11-25	Show	GitHub Exploit DB Packet Storm

250993	6.8	警告	IBM	-	IBM WebSphere MQ におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0310	2012-03-27 18:42	2010-10-27	Show	GitHub Exploit DB Packet Storm

250994	4.3	警告	ヒューレット・パッカード	-	HP BAC および BSM におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-0274	2012-03-27 18:42	2011-01-24	Show	GitHub Exploit DB Packet Storm

250995	9.3	危険	ヒューレット・パッカード	-	HP OpenView Storage Data Protector Cell Manager の crs.exe におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0273	2012-03-27 18:42	2011-01-18	Show	GitHub Exploit DB Packet Storm

250996	10	危険	ヒューレット・パッカード	-	HP LoadRunner における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-0272	2012-03-27 18:42	2011-01-12	Show	GitHub Exploit DB Packet Storm

250997	10	危険	ヒューレット・パッカード	-	HP OV NNM の CGI スクリプにおける任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2011-0271	2012-03-27 18:42	2011-01-10	Show	GitHub Exploit DB Packet Storm

250998	10	危険	ヒューレット・パッカード	-	HP OV NNM の nnmRptConfig.exe における任意のコードを実行される脆弱性	CWE-134 書式文字列の問題	CVE-2011-0270	2012-03-27 18:42	2011-01-10	Show	GitHub Exploit DB Packet Storm

250999	10	危険	ヒューレット・パッカード	-	HP OV NNM の nnmRptConfig.exe におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0269	2012-03-27 18:42	2011-01-10	Show	GitHub Exploit DB Packet Storm

251000	10	危険	ヒューレット・パッカード	-	HP OV NNM の nnmRptConfig.exe におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0268	2012-03-27 18:42	2011-01-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
661	8.8	HIGH Network	hcltech	icontrol	HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input param… New	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2025-52612	2026-06-5 03:32	2026-06-4	Show	GitHub Exploit DB Packet Storm

662	5.4	MEDIUM Adjacent	macgregor	interschalt_vdr_g4e_firmware	Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks. Update	CWE-916 Use of Password Hash With Insufficient Computational Effort	CVE-2026-44611	2026-06-5 03:30	2026-05-30	Show	GitHub Exploit DB Packet Storm

663	5.4	MEDIUM Adjacent	macgregor	interschalt_vdr_g4e_firmware	An authenticated user can download a backup of the Danelec MacGregor Voyage Data Recorder device which includes account data and password hashes. Update	CWE-522 Insufficiently Protected Credentials	CVE-2026-42951	2026-06-5 03:30	2026-05-30	Show	GitHub Exploit DB Packet Storm

664	8.3	HIGH Adjacent	macgregor	interschalt_vdr_g4e_firmware	The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change. Update	CWE-1392 Use of Default Credentials	CVE-2026-42941	2026-06-5 03:27	2026-05-30	Show	GitHub Exploit DB Packet Storm

665	8.3	HIGH Adjacent	macgregor	interschalt_vdr_g4e_firmware	Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials. Update	CWE-798 Use of Hard-coded Credentials	CVE-2026-42929	2026-06-5 03:26	2026-05-30	Show	GitHub Exploit DB Packet Storm

666	3.6	LOW Local	lfprojects	mlflow	A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflow/data/digest_utils.py of the component Dataset Digest Computation. This manipu… New	CWE-327 CWE-328 Use of a Broken or Risky Cryptographic Algorithm Use of Weak Hash	CVE-2026-10803	2026-06-5 03:24	2026-06-4	Show	GitHub Exploit DB Packet Storm

667	7.5	HIGH Network	-	-	Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no … New	-	CVE-2026-8881	2026-06-5 03:16	2026-06-4	Show	GitHub Exploit DB Packet Storm

668	7.4	HIGH Local	-	-	In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution New	CWE-93 CRLF Injection	CVE-2026-50292	2026-06-5 03:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

669	2.2	LOW Network	-	-	In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set device_owner to a value that has "network:" at the beginning ("n… New	CWE-863 Incorrect Authorization	CVE-2026-50266	2026-06-5 03:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

670	9.1	CRITICAL Network	-	-	Deserialization of Untrusted Data in the Java replace-resolve path in Apache Fory fory-core Java SDK before 1.1.0 on Java/JVM platforms allows a remote attacker to bypass class registration, TypeChec… New	CWE-502 Deserialization of Untrusted Data	CVE-2026-50076	2026-06-5 03:16	2026-06-5	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed