Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2771 9.8 緊急
Network 		Topsec Technologies Group Inc. Tianxin Internet Behavior Management System Topsec Technologies Group Inc.のTianxin Internet Behavior Management SystemにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2021-4473 2026-04-27 11:29 2026-04-7 Show GitHub Exploit DB Packet Storm
2772 7.2 重要
Network 		Dolibarr ERP & CRM dolibarr erp/crm Dolibarr ERP & CRMのdolibarr erp/crmにおける複数の脆弱性 CWE-94
CWE-95
CVE-2026-22666 2026-04-27 11:29 2026-04-7 Show GitHub Exploit DB Packet Storm
2773 9.8 緊急
Network 		Weaver Software Weaver e cology Weaver SoftwareのWeaver e cologyにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-22679 2026-04-27 11:29 2026-04-7 Show GitHub Exploit DB Packet Storm
2774 8.8 重要
Local 		PackageKit Project PackageKit PackageKit ProjectのPackageKitにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-41651 2026-04-27 11:29 2026-04-22 Show GitHub Exploit DB Packet Storm
2775 4.4 警告
Local 		libjxl project libjxl libjxl projectのlibjxlにおける初期化されていないリソースの使用に関する脆弱性 CWE-908
初期化されていないリソースの使用 		CVE-2025-12474 2026-04-27 11:28 2026-02-11 Show GitHub Exploit DB Packet Storm
2776 7.5 重要
Network 		FirebirdSQL Firebird FirebirdSQLのFirebirdにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2025-65104 2026-04-27 11:28 2026-04-17 Show GitHub Exploit DB Packet Storm
2777 6.7 警告
Local 		マイクロソフト Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 10 1809
Microsoft Windows 10 22h2
Microsoft Wind… 		UEFI セキュア ブートのセキュリティ機能バイパスの脆弱性 CWE-807
セキュリティ決定の信頼できない入力への依存 		CVE-2026-0390 2026-04-27 11:28 2026-04-14 Show GitHub Exploit DB Packet Storm
2778 4.3 警告
Network 		wolfssh wolfssh wolfsshにおける複数の脆弱性 CWE-125
CWE-126
CVE-2026-0930 2026-04-27 11:28 2026-04-20 Show GitHub Exploit DB Packet Storm
2779 5.5 警告
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 11 23h2
Microsoft Windows 11 26h1
Microsoft Windows 10 1809
Microsoft Wind… 		Windows COM サーバーの情報漏えいの脆弱性 CWE-843
型の取り違え 		CVE-2026-20806 2026-04-27 11:28 2026-04-14 Show GitHub Exploit DB Packet Storm
2780 4.6 警告
Physics 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows 回復環境のセキュリティ機能バイパスの脆弱性 CWE-212
保存または転送前の重要な情報の不適切な削除 		CVE-2026-20928 2026-04-27 11:28 2026-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351871 - tolis_group bru xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the xbru_dscheck.dd temporary file. NVD-CWE-Other
CVE-2002-1512 2008-09-6 05:30 2003-04-2 Show GitHub Exploit DB Packet Storm
351872 - compaq tcp-ip_services The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions becau… NVD-CWE-Other
CVE-2002-1513 2008-09-6 05:30 2003-04-2 Show GitHub Exploit DB Packet Storm
351873 - borland_software interbase gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file. NVD-CWE-Other
CVE-2002-1514 2008-09-6 05:30 2003-04-2 Show GitHub Exploit DB Packet Storm
351874 - coolforum coolforum Directory traversal vulnerability in avatar.php in CoolForum 0.5 beta allows remote attackers to read arbitrary files via .. (dot dot) sequences in the img parameter. NVD-CWE-Other
CVE-2002-1515 2008-09-6 05:30 2003-04-2 Show GitHub Exploit DB Packet Storm
351875 - sgi freeware
irix 		fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file activities via a symlink attack, possibly via the .fsrlast file. NVD-CWE-Other
CVE-2002-1517 2008-09-6 05:30 2003-04-2 Show GitHub Exploit DB Packet Storm
351876 - sgi irix mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories. NVD-CWE-Other
CVE-2002-1518 2008-09-6 05:30 2003-04-2 Show GitHub Exploit DB Packet Storm
351877 - rapidstream
watchguard 		rapidstream
firebox 		Format string vulnerability in the CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, allows remote attackers to cause a denial of service and possibly execute arb… NVD-CWE-Other
CVE-2002-1519 2008-09-6 05:30 2003-04-2 Show GitHub Exploit DB Packet Storm
351878 - rapidstream
watchguard 		rapidstream
firebox 		The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows … NVD-CWE-Other
CVE-2002-1520 2008-09-6 05:30 2003-04-2 Show GitHub Exploit DB Packet Storm
351879 - mdg_computer_services web_server_4d Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows attackers to gain privileges. NVD-CWE-Other
CVE-2002-1521 2008-09-6 05:30 2003-04-2 Show GitHub Exploit DB Packet Storm
351880 - cooolsoft powerftp Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument. NVD-CWE-Other
CVE-2002-1522 2008-09-6 05:30 2003-04-2 Show GitHub Exploit DB Packet Storm