Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
31 4.4 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける複数の脆弱性 New CWE-281
CWE-459
CVE-2026-35361 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
32 3.6
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 New CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35362 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
33 8.1 重要
Network 		OpenBSD OpenSSH OpenBSDのOpenSSHにおけるパーミッションの不適切な保持に関する脆弱性 New CWE-281
パーミッションの不適切な保持 		CVE-2026-35385 2026-04-28 10:12 2026-04-2 Show GitHub Exploit DB Packet Storm
34 8.1 重要
Network 		OpenBSD OpenSSH OpenBSDのOpenSSHにおける不適切な動作順序に関する脆弱性 New CWE-696
不適切な動作順序 		CVE-2026-35386 2026-04-28 10:12 2026-04-2 Show GitHub Exploit DB Packet Storm
35 6.5 警告
Network 		OpenBSD OpenSSH OpenBSDのOpenSSHにおける常に不適切な制御フローの実装に関する脆弱性 New CWE-670
常に不適切な制御フローの実装 		CVE-2026-35387 2026-04-28 10:12 2026-04-2 Show GitHub Exploit DB Packet Storm
36 2.5
Local 		OpenBSD OpenSSH OpenBSDのOpenSSHにおける保護されていない代替チャネルに関する脆弱性 New CWE-420
保護されていない代替チャネル 		CVE-2026-35388 2026-04-28 10:12 2026-04-2 Show GitHub Exploit DB Packet Storm
37 8.8 重要
Network 		neutrinolabs xrdp neutrinolabsのxrdpにおけるヒープベースのバッファオーバーフローの脆弱性 New CWE-122
ヒープオーバーフロー 		CVE-2026-35512 2026-04-28 10:12 2026-04-17 Show GitHub Exploit DB Packet Storm
38 4.3 警告
Network 		Apache Software Foundation Apache Airflow Apache Software FoundationのApache Airflowにおけるアクセス制御の不十分な粒度に関する脆弱性 New CWE-1220
アクセス制御の不十分な粒度 		CVE-2026-38743 2026-04-28 10:12 2026-04-24 Show GitHub Exploit DB Packet Storm
39 7.7 重要
Network 		Lee Peuker Movary Lee PeukerのMovaryにおけるサーバサイドのリクエストフォージェリの脆弱性 New CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-40348 2026-04-28 10:12 2026-04-18 Show GitHub Exploit DB Packet Storm
40 8.8 重要
Network 		Lee Peuker Movary Lee PeukerのMovaryにおける認証の欠如に関する脆弱性 New CWE-862
認証の欠如 		CVE-2026-40349 2026-04-28 10:12 2026-04-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348651 - conectiva
redhat 		linux tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library t… NVD-CWE-Other
CVE-2001-1375 2008-09-6 05:26 2001-07-19 Show GitHub Exploit DB Packet Storm
348652 - openbsd openssh The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers t… NVD-CWE-Other
CVE-2001-1382 2008-09-6 05:26 2001-09-27 Show GitHub Exploit DB Packet Storm
348653 - aol instant_messenger Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via… NVD-CWE-Other
CVE-2001-1416 2008-09-6 05:26 2001-01-18 Show GitHub Exploit DB Packet Storm
348654 - surfcontrol superscout_web_filter SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both … NVD-CWE-Other
CVE-2001-1465 2008-09-6 05:26 2002-02-26 Show GitHub Exploit DB Packet Storm
348655 - macromedia jrun Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by a… NVD-CWE-Other
CVE-2001-1510 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
348656 - macromedia jrun JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remote attackers to read arbitrary JavaServer Pages (JSP) source code via a request URL containing the source filename ending in (1) "… NVD-CWE-Other
CVE-2001-1511 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
348657 - macromedia coldfusion ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with <CFEXECUTE… NVD-CWE-Other
CVE-2001-1514 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
348658 - hans_wolters phpreview Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via user-submitted reviews. NVD-CWE-Other
CVE-2001-1516 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
348659 - intel xircom_rex_6000 Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant (PDA) via Rextools, and capturing the cleartext PIN. NVD-CWE-Other
CVE-2001-1520 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
348660 - francisco_burzi php-nuke Cross-site scripting (XSS) vulnerability in im.php in IMessenger for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via a message. NVD-CWE-Other
CVE-2001-1522 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm