Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3691	8.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおけるCRLF インジェクションの脆弱性	CWE-93 CRLF インジェクション	CVE-2026-34458	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

3692	8.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-34459	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

3693	7.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-34461	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

3694	7.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおける複数の脆弱性	CWE-121 CWE-170	CVE-2026-34462	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

3695	8.8	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおける複数の脆弱性	CWE-121 CWE-170	CVE-2026-34464	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

3696	7	重要 Local	sandboxie-plus	Sandboxie	sandboxie-plusのSandboxieにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-34596	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

3697	6.5	警告 Network	Django Software Foundation	Django	Django Software FoundationのDjangoにおける重要情報を含む永続 Cookie の使用に関する脆弱性	CWE-539 重要情報を含む永続 Cookie の使用	CVE-2026-35192	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

3698	5	警告 Network	Linux Containers	Incus	Linux ContainersのIncusにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-35527	2026-05-11 10:58	2026-05-5	Show	GitHub Exploit DB Packet Storm

3699	4.8	警告 Network	Broadcom	symantec siteminder	Broadcomのsymantec siteminderにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-3862	2026-05-11 10:58	2026-03-10	Show	GitHub Exploit DB Packet Storm

3700	2.7	低 Network	レッドハット	build of keycloak	レッドハットのbuild of keycloakにおける認可されていない行為者への個人情報の漏えいに関する脆弱性	CWE-359 CWE-noinfo	CVE-2026-3911	2026-05-11 10:58	2026-03-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
354981	-	waxtrapp	waxtrapp	Cross-site scripting (XSS) vulnerability in WAXTRAPP 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.	NVD-CWE-Other	CVE-2005-4512	2008-09-20 13:43	2005-12-23	Show	GitHub Exploit DB Packet Storm

354982	-	ooapp	ooapp_guestbook	Cross-site scripting (XSS) vulnerability in home.php in OoApp Guestbook 2.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.	NVD-CWE-Other	CVE-2005-4598	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

354983	-	phpoutsourcing	zorum	SQL injection vulnerability in index.php in phpoutsourcing Zorum Forum 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the rollid parameter in the showhtmllist method.	NVD-CWE-Other	CVE-2005-4619	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

354984	-	jelsoft	vbulletin	Cross-site scripting (XSS) vulnerability in the editavatar page in vBulletin 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a URL in the remote avatar url field, in which th…	NVD-CWE-Other	CVE-2005-4621	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

354985	-	help_desk_point_software	helpdeskpoint	SQL injection vulnerability in index.php in HelpDeskPoint 2.38 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.	NVD-CWE-Other	CVE-2005-4628	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

354986	-	smbcms	smbcms	SQL injection vulnerability in SMBCMS 2.1 allows remote attackers to execute arbitrary SQL commands via unspecified search parameters.	NVD-CWE-Other	CVE-2005-4629	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

354987	-	ryan_lath	zina	SQL injection vulnerability in index.php in Zina 0.12.07 and earlier allows remote attackers to execute arbitrary SQL commands via the p parameter.	NVD-CWE-Other	CVE-2005-4631	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

354988	-	vote_pro	vote_pro	SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the poll_id parameter.	CWE-89 SQL Injection	CVE-2005-4632	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

354989	-	activecampaign	supporttrio	SQL injection vulnerability in index.php in ActiveCampaign SupportTrio 1.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the provenance of this information …	NVD-CWE-Other	CVE-2005-4634	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm

354990	-	class-1	poll_software	SQL injection vulnerability in index.php in class-1 Poll Software 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) pollid or (2) previouspoll parameters.	NVD-CWE-Other	CVE-2005-4640	2008-09-20 13:43	2005-12-31	Show	GitHub Exploit DB Packet Storm