Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 27, 2026, 8:58 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
381 7.8 重要
Local
オラクル Oracle Application Development Framework (Oracle ADF) オラクルのOracle Application Development Framework (Oracle ADF)におけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御
CVE-2026-35243 2026-04-27 10:49 2026-04-21 Show GitHub Exploit DB Packet Storm
382 7.5 重要
Network
libp2p libp2p Protocol Labsのlibp2pにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て
CVE-2026-35405 2026-04-27 10:49 2026-04-7 Show GitHub Exploit DB Packet Storm
383 8.2 重要
Network
libp2p libp2p Protocol Labsのlibp2pにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て
CVE-2026-35457 2026-04-27 10:49 2026-04-7 Show GitHub Exploit DB Packet Storm
384 8.8 重要
Network
pyLoad-ng project pyLoad-ng pyLoad-ng projectのpyLoad-ngにおけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション
CVE-2026-35463 2026-04-27 10:49 2026-04-7 Show GitHub Exploit DB Packet Storm
385 5.3 警告
Network
oobabooga TextGen oobaboogaのTextGenにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル
CVE-2026-35483 2026-04-27 10:49 2026-04-7 Show GitHub Exploit DB Packet Storm
386 8.8 重要
Local
NSA Emissary NSAのEmissaryにおける複数の脆弱性 New CWE-116
CWE-78
CVE-2026-35582 2026-04-27 10:49 2026-04-18 Show GitHub Exploit DB Packet Storm
387 6.5 警告
Network
Vikunja Vikunja Vikunjaにおけるセッション期限に関する脆弱性 New CWE-613
不適切なセッション期限
CVE-2026-35594 2026-04-27 10:48 2026-04-10 Show GitHub Exploit DB Packet Storm
388 5.3 警告
Network
レッドハット build of keycloak レッドハットのbuild of keycloakにおける同一生成元ポリシー違反に関する脆弱性 New CWE-346
同一生成元ポリシー違反
CVE-2026-37977 2026-04-27 10:48 2026-04-6 Show GitHub Exploit DB Packet Storm
389 7.5 重要
Network
Signal K Signal K Server Signal KのSignal K Serverにおける複数の脆弱性 New CWE-1333
CWE-400
CVE-2026-39320 2026-04-27 10:48 2026-04-21 Show GitHub Exploit DB Packet Storm
390 5.4 警告
Network
opensourcepos open source point of sale opensourceposのopen source point of saleにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2026-39380 2026-04-27 10:48 2026-04-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 27, 2026, 1:20 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
271271 - oracle
debian
canonical
mariadb
redhat
suse
solaris
communications_policy_management
mysql
debian_linux
ubuntu_linux
mariadb
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_li…
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileg… NVD-CWE-noinfo
CVE-2015-2568 2024-11-21 11:27 2015-04-17 Show GitHub Exploit DB Packet Storm
271272 - oracle
novell
mysql
suse_linux_sdk
suse_linux
suse_linux_for_vmware
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges. NVD-CWE-noinfo
CVE-2015-2567 2024-11-21 11:27 2015-04-17 Show GitHub Exploit DB Packet Storm
271273 - novell
oracle
suse_linux_sdk
suse_linux
suse_linux_for_vmware
mysql
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML. NVD-CWE-noinfo
CVE-2015-2566 2024-11-21 11:27 2015-04-17 Show GitHub Exploit DB Packet Storm
271274 - oracle e-business_suite Unspecified vulnerability in the Oracle Installed Base component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unkno… NVD-CWE-noinfo
CVE-2015-2565 2024-11-21 11:27 2015-04-17 Show GitHub Exploit DB Packet Storm
271275 - palo_alto_networks traps Multiple cross-site scripting (XSS) vulnerabilities in the web-based console management interface in Palo Alto Networks Traps (formerly Cyvera Endpoint Protection) 3.1.2.1546 allow remote attackers t… CWE-79
Cross-site Scripting
CVE-2015-2223 2024-11-21 11:27 2015-04-14 Show GitHub Exploit DB Packet Storm
271276 - boosted boosted_boards Unspecified vulnerability in Boosted Boards skateboards allows physically proximate attackers to modify skateboard movement, cause human injury, or cause physical damage via vectors related to an "in… NVD-CWE-noinfo
CVE-2015-2247 2024-11-21 11:27 2015-04-11 Show GitHub Exploit DB Packet Storm
271277 - netgate pfsense Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators f… CWE-352
 Origin Validation Error
CVE-2015-2295 2024-11-21 11:27 2015-04-11 Show GitHub Exploit DB Packet Storm
271278 - fedoraproject
xen
fedora
xen
The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host… CWE-20
 Improper Input Validation 
CVE-2015-2752 2024-11-21 11:27 2015-04-1 Show GitHub Exploit DB Packet Storm
271279 - xen
fedoraproject
xen
fedora
Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations. CWE-17
Code
CVE-2015-2751 2024-11-21 11:27 2015-04-1 Show GitHub Exploit DB Packet Storm
271280 - netgate pfsense Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in pfSense before 2.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) zone parameter to status_captivepor… CWE-79
Cross-site Scripting
CVE-2015-2294 2024-11-21 11:27 2015-04-1 Show GitHub Exploit DB Packet Storm