Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3861 8.5 重要
Network 		b3log SiYuan B3logのSiYuanにおけるパストラバーサルの脆弱性 CWE-24
パストラバーサル (../filedir) 		CVE-2026-40318 2026-04-21 10:44 2026-04-16 Show GitHub Exploit DB Packet Storm
3862 9 緊急
Network 		b3log SiYuan B3logのSiYuanにおける複数の脆弱性 CWE-79
CWE-94
CVE-2026-40322 2026-04-21 10:44 2026-04-16 Show GitHub Exploit DB Packet Storm
3863 7.2 重要
Network 		フォーティネット Fortiweb フォーティネットのFortiwebにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-40688 2026-04-21 10:44 2026-04-14 Show GitHub Exploit DB Packet Storm
3864 6.5 警告
Network 		DataEase DataEase DataEaseにおける許容された入力値の許可リストに関する脆弱性 CWE-183
許容された入力値の許可リスト 		CVE-2026-40899 2026-04-21 10:44 2026-04-16 Show GitHub Exploit DB Packet Storm
3865 8.8 重要
Network 		DataEase DataEase DataEaseにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-40900 2026-04-21 10:44 2026-04-16 Show GitHub Exploit DB Packet Storm
3866 8.8 重要
Network 		DataEase DataEase DataEaseにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40901 2026-04-21 10:44 2026-04-16 Show GitHub Exploit DB Packet Storm
3867 5.4 警告
Network 		b3log SiYuan B3logのSiYuanにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-40922 2026-04-21 10:44 2026-04-17 Show GitHub Exploit DB Packet Storm
3868 9.8 緊急
Network 		FFmpeg FFmpeg FFmpegにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40962 2026-04-21 10:44 2026-04-16 Show GitHub Exploit DB Packet Storm
3869 5.4 警告
Network 		Bludit Bludit Bluditにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-4420 2026-04-21 10:44 2026-04-7 Show GitHub Exploit DB Packet Storm
3870 8.8 重要
Network 		FreeBSD FreeBSD FreeBSDにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-4747 2026-04-21 10:44 2026-03-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347881 - hp hp-ux HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation. NVD-CWE-Other
CVE-1999-0961 2016-10-18 11:00 1996-09-21 Show GitHub Exploit DB Packet Storm
347882 - sco unixware The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed. NVD-CWE-Other
CVE-1999-0979 2016-10-18 11:00 2000-04-11 Show GitHub Exploit DB Packet Storm
347883 - netscape communicator Netscape Navigator uses weak encryption for storing a user's Netscape mail password. NVD-CWE-Other
CVE-1999-1002 2016-10-18 11:00 2000-01-12 Show GitHub Exploit DB Packet Storm
347884 - netscape
novell 		enterprise_server
groupwise 		Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter. NVD-CWE-Other
CVE-1999-1005 2016-10-18 11:00 1999-12-19 Show GitHub Exploit DB Packet Storm
347885 - novell groupwise Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter. NVD-CWE-Other
CVE-1999-1006 2016-10-18 11:00 1999-12-19 Show GitHub Exploit DB Packet Storm
347886 - vdonet vdolive_player Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file. NVD-CWE-Other
CVE-1999-1007 2016-10-18 11:00 1999-12-13 Show GitHub Exploit DB Packet Storm
347887 - freebsd
mandrakesoft 		freebsd
mandrake_linux 		xsoldier program allows local users to gain root access via a long argument. NVD-CWE-Other
CVE-1999-1008 2016-10-18 11:00 2000-05-17 Show GitHub Exploit DB Packet Storm
347888 - openbsd openssh An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. NVD-CWE-Other
CVE-1999-1010 2016-10-18 11:00 1999-12-14 Show GitHub Exploit DB Packet Storm
347889 - ibm aix named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file. NVD-CWE-Other
CVE-1999-1013 2016-10-18 11:00 1999-09-23 Show GitHub Exploit DB Packet Storm
347890 - seattle_lab_software emurl Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recip… NVD-CWE-Other
CVE-1999-1017 2016-10-18 11:00 1999-07-28 Show GitHub Exploit DB Packet Storm