Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 2, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2611	9.1	緊急 Network	ruoyi	ruoyi	ruoyiにおける複数の脆弱性	CWE-284 CWE-862	CVE-2025-70985	2026-02-2 19:39	2026-01-23	Show	GitHub Exploit DB Packet Storm

2612	7.5	重要 Network	ruoyi	ruoyi	ruoyiにおける複数の脆弱性	CWE-284 CWE-862	CVE-2025-70986	2026-02-2 19:39	2026-01-23	Show	GitHub Exploit DB Packet Storm

2613	5.4	警告 Network	Lavalite	Lavalite	Lavaliteにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-71177	2026-02-2 19:39	2026-01-23	Show	GitHub Exploit DB Packet Storm

2614	4.2	警告 Network	Fortra	GoAnywhere Managed File Transfer	FortraのGoAnywhere Managed File Transferにおける複数の脆弱性	CWE-732 CWE-863	CVE-2025-8148	2026-02-2 19:39	2025-12-5	Show	GitHub Exploit DB Packet Storm

2615	7.5	重要 Network	TP-LINK Technologies	TL-WR841N ファームウェア	TP-LINK TechnologiesのTL-WR841N ファームウェアにおける複数の脆弱性	CWE-20 CWE-476	CVE-2025-9014	2026-02-2 19:39	2026-01-15	Show	GitHub Exploit DB Packet Storm

2616	5.5	警告 Network	Zoho Corporation	ManageEngine ADManager Plus	Zoho CorporationのManageEngine ADManager Plusにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2025-9435	2026-02-2 19:39	2026-01-13	Show	GitHub Exploit DB Packet Storm

2617	6.1	警告 Network	Zoho Corporation	manageengine applications manager	Zoho CorporationのManageEngine Applications Managerにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-9787	2026-02-2 19:39	2025-12-18	Show	GitHub Exploit DB Packet Storm

2618	6.1	警告 Network	ironmansoftware	powershell universal	ironmansoftwareのpowershell universalにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-0618	2026-02-2 19:39	2026-01-7	Show	GitHub Exploit DB Packet Storm

2619	8.8	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-0765	2026-02-2 19:39	2026-01-23	Show	GitHub Exploit DB Packet Storm

2620	8.8	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-0766	2026-02-2 19:39	2026-01-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348681	-	mozilla	bugzilla	Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, i…	NVD-CWE-Other	CVE-2002-0810	2008-09-6 05:29	2002-08-12	Show	GitHub Exploit DB Packet Storm

348682	-	padl_software	nss_ldap	Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.	NVD-CWE-Other	CVE-2002-0825	2008-09-6 05:29	2002-08-12	Show	GitHub Exploit DB Packet Storm

348683	-	caldera	unixware openunix	Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824.	NVD-CWE-Other	CVE-2002-0827	2008-09-6 05:29	2002-08-12	Show	GitHub Exploit DB Packet Storm

348684	-	caldera redhat hp	openlinux_server openlinux_workstation pre-execution_environment secure_os	Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.	NVD-CWE-Other	CVE-2002-0835	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348685	-	isdn4linux	isdn4linux	Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name comma…	NVD-CWE-Other	CVE-2002-0851	2008-09-6 05:29	2002-09-5	Show	GitHub Exploit DB Packet Storm

348686	-	gnu	mailman	Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parame…	NVD-CWE-Other	CVE-2002-0855	2008-09-6 05:29	2002-09-5	Show	GitHub Exploit DB Packet Storm

348687	-	cisco	webns content_services_switch_11000	The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privile…	NVD-CWE-Other	CVE-2002-0870	2008-09-6 05:29	2002-09-5	Show	GitHub Exploit DB Packet Storm

348688	-	evolvable_corporation	shambala_server	Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request.	NVD-CWE-Other	CVE-2002-0876	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348689	-	evolvable_corporation	shambala_server	Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) LIST (ls) or (2) GET commands.	NVD-CWE-Other	CVE-2002-0877	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348690	-	logisense	dns_manager_system hawk-i	SQL injection vulnerability in the login form for LogiSense software including (1) Hawk-i Billing, (2) Hawk-i ASP and (3) DNS Manager allows remote attackers to bypass authentication via SQL code in …	NVD-CWE-Other	CVE-2002-0878	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm