Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2651	9.8	緊急 Network	Sangfor Technologies	OSM	Sangfor TechnologiesのOSMにおける複数の脆弱性	CWE-77 CWE-78 CWE-78	CVE-2026-1324	2026-02-2 19:37	2026-01-22	Show	GitHub Exploit DB Packet Storm

2652	9.8	緊急 Network	Sangfor Technologies	OSM	Sangfor TechnologiesのOSMにおけるパスワード管理機能に関する脆弱性	CWE-640 パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み	CVE-2026-1325	2026-02-2 19:37	2026-01-22	Show	GitHub Exploit DB Packet Storm

2653	8.8	重要 Network	TOTOLINK	nr1800x ファームウェア	TOTOLINKのnr1800x ファームウェアにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-1326	2026-02-2 19:37	2026-01-22	Show	GitHub Exploit DB Packet Storm

2654	8.8	重要 Network	TOTOLINK	nr1800x ファームウェア	TOTOLINKのnr1800x ファームウェアにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-1327	2026-02-2 19:37	2026-01-22	Show	GitHub Exploit DB Packet Storm

2655	8.8	重要 Network	TOTOLINK	nr1800x ファームウェア	TOTOLINKのnr1800x ファームウェアにおける複数の脆弱性	CWE-119 CWE-120	CVE-2026-1328	2026-02-2 19:37	2026-01-22	Show	GitHub Exploit DB Packet Storm

2656	4.2	警告 Physics	Beetel	Beetel 777VR1 ファームウェア	BeetelのBeetel 777VR1 ファームウェアにおける複数の脆弱性	CWE-200 CWE-284	CVE-2026-1407	2026-02-2 19:37	2026-01-25	Show	GitHub Exploit DB Packet Storm

2657	4.2	警告 Physics	Beetel	Beetel 777VR1 ファームウェア	BeetelのBeetel 777VR1 ファームウェアにおける脆弱なパスワードの要求に関する脆弱性	CWE-521 脆弱なパスワードポリシー	CVE-2026-1408	2026-02-2 19:37	2026-01-25	Show	GitHub Exploit DB Packet Storm

2658	4.2	警告 Physics	Beetel	Beetel 777VR1 ファームウェア	BeetelのBeetel 777VR1 ファームウェアにおける複数の脆弱性	CWE-307 CWE-799	CVE-2026-1409	2026-02-2 19:37	2026-01-26	Show	GitHub Exploit DB Packet Storm

2659	6.4	警告 Physics	Beetel	Beetel 777VR1 ファームウェア	BeetelのBeetel 777VR1 ファームウェアにおける複数の脆弱性	CWE-287 CWE-306	CVE-2026-1410	2026-02-2 19:37	2026-01-26	Show	GitHub Exploit DB Packet Storm

2660	6.1	警告 Physics	Beetel	Beetel 777VR1 ファームウェア	BeetelのBeetel 777VR1 ファームウェアにおける複数の脆弱性	CWE-266 CWE-284	CVE-2026-1411	2026-02-2 19:37	2026-01-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 3, 2026, 4:06 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348381	-	kerio	personal_firewall	Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood.	NVD-CWE-Other	CVE-2002-2161	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348382	-	cerulean_studios	trillian	Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user account…	NVD-CWE-Other	CVE-2002-2162	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348383	-	killervault	kvpoll	KvPoll 1.1 allows remote authenticated users to vote more than once by setting the "already_voted" cookie by various methods, including a direct call to clear_cookies.php.	NVD-CWE-Other	CVE-2002-2163	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348384	-	microsoft	outlook_express	Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long <A HREF> link.	NVD-CWE-Other	CVE-2002-2164	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348385	-	imho	imho_webmail	The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox.	NVD-CWE-Other	CVE-2002-2165	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348386	-	e-zone_media_inc.	fusetalk	Cross-site scripting (XSS) vulnerability in FuseTalk 2.0 and 3.0 allows remote attackers to insert arbitrary HTML and web script.	NVD-CWE-Other	CVE-2002-2166	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348387	-	thorsten_korner	123tkshop	Directory traversal vulnerability in function_foot_1.inc.php for Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences terminated by a null…	NVD-CWE-Other	CVE-2002-2167	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348388	-	thorsten_korner	123tkshop	SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to execute arbitrary SQL queries via various programs including function_describe_item1.inc.php.	NVD-CWE-Other	CVE-2002-2168	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348389	-	aol	instant_messenger	Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers to conduct unauthorized activities, such as adding buddies and groups to a use…	NVD-CWE-Other	CVE-2002-2169	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm

348390	-	working_resources_inc.	badblue	Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, whic…	NVD-CWE-Other	CVE-2002-2170	2008-09-6 05:32	2002-12-31	Show	GitHub Exploit DB Packet Storm