Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2561 7.5 重要
Network 		NERDVANA (Michael Conrad) Crypt-SecretBuffer NERDVANA (Michael Conrad)のCrypt-SecretBufferにおけるタイミングの違いに起因する情報漏えいに関する脆弱性 CWE-208
タイミングの違いに起因する情報漏えい 		CVE-2026-5086 2026-05-8 12:10 2026-04-13 Show GitHub Exploit DB Packet Storm
2562 7.5 重要
Network 		JDEGUEST (Jacques Deguest) Apache::API::Password JDEGUEST (Jacques Deguest)のApache::API::Passwordにおける暗号の脆弱な PRNG の使用に関する脆弱性 CWE-338
暗号における脆弱な PRNG の使用 		CVE-2026-5088 2026-05-8 12:09 2026-04-15 Show GitHub Exploit DB Packet Storm
2563 8.8 重要
Network 		Cerberus, LLC Cerberus FTP Server CerberusのCerberus FTP Serverにおける安全に保持されない継承されたパーミッションに関する脆弱性 CWE-278
安全に保持されない継承されたパーミッション 		CVE-2026-6265 2026-05-8 12:09 2026-04-27 Show GitHub Exploit DB Packet Storm
2564 8.8 重要
Network 		レッドハット Red Hat Enterprise Linux AI
InstructLab 		レッドハットのRed Hat Enterprise Linux AI等の複数製品における信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-6859 2026-05-8 12:09 2026-04-22 Show GitHub Exploit DB Packet Storm
2565 6.5 警告
Network 		Amazon.com, Inc. tuftool
Amazon tough 		Amazon.com, Inc.のAmazon tough等の複数製品におけるデジタル署名の検証に関する脆弱性 CWE-347
デジタル署名の不適切な検証 		CVE-2026-6966 2026-05-8 12:09 2026-04-24 Show GitHub Exploit DB Packet Storm
2566 6.5 警告
Network 		Amazon.com, Inc. tuftool
Amazon tough 		Amazon.com, Inc.のAmazon tough等の複数製品におけるデータの信頼性についての不十分な検証に関する脆弱性 CWE-345
データの信頼性についての不十分な検証 		CVE-2026-6967 2026-05-8 12:09 2026-04-24 Show GitHub Exploit DB Packet Storm
2567 6.5 警告
Network 		Amazon.com, Inc. tuftool
Amazon tough 		Amazon.com, Inc.のAmazon tough等の複数製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-6968 2026-05-8 12:09 2026-04-24 Show GitHub Exploit DB Packet Storm
2568 7.5 重要
Network 		RRWO (Robert Rothenberg) Text::Minify::XS RRWO (Robert Rothenberg)のText::Minify::XSにおける複数の脆弱性 CWE-122
CWE-176
CVE-2026-7040 2026-05-8 12:09 2026-04-27 Show GitHub Exploit DB Packet Storm
2569 8.4 重要
Local 		HMBRAND (H.Merijn Brand) Text::CSV_XS HMBRAND (H.Merijn Brand)のText::CSV_XSにおける複数の脆弱性 CWE-416
CWE-825
CVE-2026-7111 2026-05-8 12:09 2026-04-29 Show GitHub Exploit DB Packet Storm
2570 9.1 緊急
Network 		MIYAGAWA (Tatsuhiko Miyagawa) Plack::Middleware::Xsendfile MIYAGAWA (Tatsuhiko Miyagawa)のPlack::Middleware::Xsendfileにおける複数の脆弱性 CWE-200
CWE-441
CWE-913
CVE-2026-7381 2026-05-8 12:09 2026-04-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345851 - blaxxun contact_3d Buffer overflow in blaxxun 3D 7.0 allows remote attackers to execute arbitrary code via a long URL property inside an object tag. NVD-CWE-Other
CVE-2004-1903 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
345852 - panda activescan Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to execute arbitrary code via the Internacional property followed by a long string. NVD-CWE-Other
CVE-2004-1904 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
345853 - panda activescan ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to cause a denial of service (crash) by calling the SetSitesFile function. NVD-CWE-Other
CVE-2004-1905 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
345854 - - - Mcafee FreeScan allows remote attackers to cause a denial of service and possibly arbitrary code via a long string in the ScanParam property of a COM object, which may trigger a buffer overflow. NVD-CWE-Other
CVE-2004-1906 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
345855 - - - The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to cause a denial of service (crash) by sending hex-encoded URLs containing "%13%12%13". NVD-CWE-Other
CVE-2004-1907 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
345856 - mcafee freescan McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows remote attackers to obtain sensitive information via the GetSpecialFolderLocation function with certain parameters. NVD-CWE-Other
CVE-2004-1908 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
345857 - clam_anti-virus clamav Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm. NVD-CWE-Other
CVE-2004-1909 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
345858 - symantec security_check_virus_detection rufsi.dll in Symantec Virus Detection allows remote attackers to cause a denial of service (crash) via a long string to the GetPrivateProfileString function. NOTE: this issue was originally reported… NVD-CWE-Other
CVE-2004-1910 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
345859 - azerbaijan_development_group azdgdating Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id … NVD-CWE-Other
CVE-2004-1911 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
345860 - francisco_burzi
shiba-design 		php-nuke
nukecalendar 		The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, (4) block-Calendar_center.php scripts in NukeCalendar 1.1.a, as used in PHP-Nuke, allow remote attackers to obtain sensitive info… NVD-CWE-Other
CVE-2004-1912 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm