Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3831	9.8	緊急 Network	angeljudesuarez	School Management System Project In PHP Source Code	Angel Jude Reyes SuarezのSchool Management System Project In PHP Source Codeにおける複数の脆弱性	CWE-74 CWE-89	CVE-2026-1590	2026-02-4 18:39	2026-01-29	Show	GitHub Exploit DB Packet Storm

3832	7.9	重要 Network	Atlassian	Crowd	AtlassianのCrowdにおけるXML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2026-21569	2026-02-4 18:39	2026-01-28	Show	GitHub Exploit DB Packet Storm

3833	6.5	警告 Network	Chainlit	Chainlit	Chainlitにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-22218	2026-02-4 18:39	2026-01-20	Show	GitHub Exploit DB Packet Storm

3834	7.7	重要 Network	Chainlit	Chainlit	Chainlitにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-22219	2026-02-4 18:39	2026-01-20	Show	GitHub Exploit DB Packet Storm

3835	6.1	警告 Local	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおける複数の脆弱性	CWE-476 CWE-787	CVE-2025-11187	2026-02-4 18:39	2026-01-27	Show	GitHub Exploit DB Packet Storm

3836	9.8	緊急 Network	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2025-15467	2026-02-4 18:39	2026-01-27	Show	GitHub Exploit DB Packet Storm

3837	5.9	警告 Network	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-15468	2026-02-4 18:39	2026-01-27	Show	GitHub Exploit DB Packet Storm

3838	5.5	警告 Local	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおけるデジタル署名の検証に関する脆弱性	CWE-347 デジタル署名の不適切な検証	CVE-2025-15469	2026-02-4 18:39	2026-01-27	Show	GitHub Exploit DB Packet Storm

3839	5.9	警告 Network	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおける過剰なサイズ値のメモリ割り当てに関する脆弱性	CWE-789 過剰なサイズ値のメモリ割り当て	CVE-2025-66199	2026-02-4 18:39	2026-01-27	Show	GitHub Exploit DB Packet Storm

3840	4.7	警告 Local	OpenSSL Project	OpenSSL	OpenSSL ProjectのOpenSSLにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2025-68160	2026-02-4 18:39	2026-01-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348381	-	scriptscenter	ezupload_pro	index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter.	NVD-CWE-Other	CVE-2005-4308	2008-09-20 13:42	2005-12-17	Show	GitHub Exploit DB Packet Storm

348382	-	binary-concepts	binary_board_system	Multiple cross-site scripting (XSS) vulnerabilities in Binary Board System (BBS) 0.2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) inreplyto, (2) article, an…	NVD-CWE-Other	CVE-2005-4333	2008-09-20 13:42	2005-12-17	Show	GitHub Exploit DB Packet Storm

348383	-	courseforum	projectforum	ProjectForum 4.7.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted pageid parameter to admin/versions.html.	NVD-CWE-Other	CVE-2005-4335	2008-09-20 13:42	2005-12-17	Show	GitHub Exploit DB Packet Storm

348384	-	fad_solutions	drzes_hms	Multiple SQL injection vulnerabilities in DRZES HMS 3.2 allow remote attackers to execute arbitrary SQL commands via the (1) plan_id parameter to (a) domains.php, (b) viewusage.php, (c) pop_accounts.…	NVD-CWE-Other	CVE-2005-4366	2008-09-20 13:42	2005-12-20	Show	GitHub Exploit DB Packet Storm

348385	-	fad_solutions	drzes_hms	Cross-site scripting (XSS) vulnerability in register_domain.php in DRZES HMS 3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the "Domain…	NVD-CWE-Other	CVE-2005-4367	2008-09-20 13:42	2005-12-20	Show	GitHub Exploit DB Packet Storm

348386	-	asps	shopping_cart	Multiple SQL injection vulnerabilities in Absolute Shopping Package Solutions (ASPS) Shopping Cart Professional 2.9d and earlier, and Lite 2.1 and earlier, allow remote attackers to execute arbitrary…	NVD-CWE-Other	CVE-2005-4003	2008-09-20 13:41	2005-12-5	Show	GitHub Exploit DB Packet Storm

348387	-	jax_calendar	jax_calendar	SQL injection vulnerability in jax_calendar.php in Jax Calendar 1.34 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter, and possibly the (2) Y and (3) m parameter…	NVD-CWE-Other	CVE-2005-4008	2008-09-20 13:41	2005-12-5	Show	GitHub Exploit DB Packet Storm

348388	-	php_lite	calendar_express	Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cid and (2) catid parameters to (a) day.php, (…	NVD-CWE-Other	CVE-2005-4009	2008-09-20 13:41	2005-12-5	Show	GitHub Exploit DB Packet Storm

348389	-	-	-	property.php in Widget Property 1.1.19 allows remote attackers to obtain the full server path via an invalid lang value, which leaks the path in the resulting error message.	NVD-CWE-Other	CVE-2005-4017	2008-09-20 13:41	2005-12-5	Show	GitHub Exploit DB Packet Storm

348390	-	simplemedia	simplebbs	SQL injection vulnerability in SimpleBBS 1.1 allows remote attackers to execute arbitrary SQL commands via unspecified search module parameters.	CWE-89 SQL Injection	CVE-2005-4027	2008-09-20 13:41	2005-12-5	Show	GitHub Exploit DB Packet Storm