Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251	5.3	警告 Network	Node.js Foundation	Node.js	Node.js FoundationのNode.jsにおける不適切なデフォルトパーミッションに関する脆弱性	CWE-276 不適切なデフォルトパーミッション	CVE-2025-55132	2026-02-5 15:46	2026-01-20	Show	GitHub Exploit DB Packet Storm

252	7.5	重要 Network	OwnTone project	OwnTone	OwnTone projectのOwnToneにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-57155	2026-02-5 15:46	2026-01-20	Show	GitHub Exploit DB Packet Storm

253	6.5	警告 Network	Engineering Ingegneria Informatica	knowage	Engineering Ingegneria Informaticaのknowageにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2025-58441	2026-02-5 15:46	2026-01-7	Show	GitHub Exploit DB Packet Storm

254	8.7	重要 Network	Ultimate Fosters	Ultimate POS	Ultimate FostersのUltimate POSにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-60503	2026-02-5 15:46	2025-11-3	Show	GitHub Exploit DB Packet Storm

255	5.3	警告 Network	The Go Project	Go	The Go ProjectのGoにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2025-61730	2026-02-5 15:46	2026-01-28	Show	GitHub Exploit DB Packet Storm

256	4.3	警告 Network	webinarpress	webinarpress	WordPress用webinarpressにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2025-62972	2026-02-5 15:45	2025-10-27	Show	GitHub Exploit DB Packet Storm

257	7.5	重要 Network	oneflow	oneflow	oneflowにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2025-65886	2026-02-5 15:45	2026-01-28	Show	GitHub Exploit DB Packet Storm

258	6.5	警告 Network	oneflow	oneflow	oneflowにおけるゼロ除算に関する脆弱性	CWE-369 ゼロ除算	CVE-2025-65887	2026-02-5 15:45	2026-01-28	Show	GitHub Exploit DB Packet Storm

259	7.5	重要 Network	oneflow	oneflow	oneflowにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2025-65888	2026-02-5 15:45	2026-01-28	Show	GitHub Exploit DB Packet Storm

260	7.5	重要 Network	oneflow	oneflow	oneflowにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2025-65889	2026-02-5 15:45	2026-01-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
306541	-	ritlabs	the_bat	The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service (crash) via an attachment whose name includes an MS-DOS device name.	NVD-CWE-Other	CVE-2002-0338	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306542	-	microsoft	windows_media_player	Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, …	NVD-CWE-Other	CVE-2002-0340	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306543	-	novell	groupwise	GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter.	NVD-CWE-Other	CVE-2002-0341	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306544	-	kde	k-mail	Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long.	NVD-CWE-Other	CVE-2002-0342	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306545	-	hotline_communications	hotline_connect	Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by …	NVD-CWE-Other	CVE-2002-0343	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306546	-	symantec	liveupdate	Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the …	NVD-CWE-Other	CVE-2002-0344	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306547	-	symantec	norton_ghost	Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges.	NVD-CWE-Other	CVE-2002-0345	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306548	-	sun	cobalt_raq_2 cobalt_raq_3i cobalt_raq_4	Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to (1) service.cgi or (2) alert.cgi.	NVD-CWE-Other	CVE-2002-0346	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306549	-	sun	cobalt_raq_2 cobalt_raq_3i cobalt_raq_4	Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.	NVD-CWE-Other	CVE-2002-0347	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306550	-	sun	cobalt_raq_2 cobalt_raq_3i cobalt_raq_4	service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument.	NVD-CWE-Other	CVE-2002-0348	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm