Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4271	7.5	重要 Network	オラクル	Oracle Financial Services Customer Screening	オラクルのOracle Financial Services Customer Screeningにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-34320	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

4272	5.8	警告 Network	Pavel Zbornik (pavelzbornik)	whisperX REST API	Pavel Zbornik (pavelzbornik)のwhisperX REST APIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-34981	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

4273	7.5	重要 Network	Distribution	Distribution	Distributionにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-35172	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

4274	7.5	重要 Network	UnJS Team	defu	UnJS Teamのdefuにおけるオブジェクトプロトタイプ属性の不適切に制御された変更に関する脆弱性	CWE-1321 オブジェクトプロトタイプ属性の不適切に制御された変更 (プロトタイプの汚染)	CVE-2026-35209	2026-04-30 12:13	2026-04-6	Show	GitHub Exploit DB Packet Storm

4275	7.5	重要 Network	オラクル	Oracle Financial Services Transaction Filtering	オラクルのOracle Financial Services Transaction Filteringにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35231	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

4276	6.3	警告 Local	Flatpak	XDG Desktop Portal (xdg-desktop-portal)	FlatpakのXDG Desktop Portal (xdg-desktop-portal)におけるUNIX Symbolic Link のフォローに関する脆弱性	CWE-61 UNIX Symbolic Link のフォロー	CVE-2026-40354	2026-04-30 12:13	2026-04-11	Show	GitHub Exploit DB Packet Storm

4277	5.3	警告 Local	Veeam	one	サムスンのOneにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-40448	2026-04-30 12:13	2026-04-22	Show	GitHub Exploit DB Packet Storm

4278	6.6	警告 Local	Veeam	one	サムスンのOneにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-40449	2026-04-30 12:13	2026-04-22	Show	GitHub Exploit DB Packet Storm

4279	6.6	警告 Local	Veeam	one	サムスンのOneにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-40450	2026-04-30 12:13	2026-04-22	Show	GitHub Exploit DB Packet Storm

4280	8.2	重要 Network	UltraDAG	UltraDAG	UltraDAGにおける複数の脆弱性	CWE-460 CWE-696	CVE-2026-40583	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346561	-	cpanel	cpanel	Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to (a) editquota.html or (b) dodel…	NVD-CWE-Other	CVE-2006-0573	2017-07-20 10:29	2006-02-8	Show	GitHub Exploit DB Packet Storm

346562	-	thibault_godouet	fcron	convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via ".." sequences and a symlink attack on the temporary file that is used during conversion.	NVD-CWE-Other	CVE-2006-0575	2017-07-20 10:29	2006-02-8	Show	GitHub Exploit DB Packet Storm

346563	-	mplayer	mplayer	Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to exe…	NVD-CWE-Other	CVE-2006-0579	2017-07-20 10:29	2006-02-8	Show	GitHub Exploit DB Packet Storm

346564	-	ibm	lotus_domino_server	IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted packet to the LDAP port (389/TCP).	NVD-CWE-Other	CVE-2006-0580	2017-07-20 10:29	2006-02-8	Show	GitHub Exploit DB Packet Storm

346565	-	hosting_controller	hosting_controller	SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySett…	NVD-CWE-Other	CVE-2006-0581	2017-07-20 10:29	2006-02-8	Show	GitHub Exploit DB Packet Storm

346566	-	clever_copy	clever_copy	SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter.	NVD-CWE-Other	CVE-2006-0583	2017-07-20 10:29	2006-02-8	Show	GitHub Exploit DB Packet Storm

346567	-	php_fusion	php_fusion	Cross-site scripting (XSS) vulnerability in PHP-Fusion before 6.00.304 allows remote attackers to inject arbitrary web script or HTML via the (1) shout_name field in shoutbox_panel.php and the (2) co…	NVD-CWE-Other	CVE-2006-0593	2017-07-20 10:29	2006-02-8	Show	GitHub Exploit DB Packet Storm

346568	-	stefan_ritt	elog_web_logbook	elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service (infinite redirection) via a request with the fail parameter set to 1, which redirects to the same request.	NVD-CWE-Other	CVE-2006-0600	2017-07-20 10:29	2006-02-13	Show	GitHub Exploit DB Packet Storm

346569	-	atmail	atmail	Directory traversal vulnerability in compose.pl in @Mail 4.3 and earlier for Windows allows remote attackers to upload arbitrary files to arbitrary locations via a .. (dot dot) in the unique paramete…	NVD-CWE-Other	CVE-2006-0611	2017-07-20 10:29	2006-02-9	Show	GitHub Exploit DB Packet Storm

346570	-	powersave	powersave	Powersave daemon before 0.10.15.2 allows local users to gain privileges (unauthorized access to an X session) via unspecified vectors. NOTE: the provenance of this information is unknown; portions of…	NVD-CWE-Other	CVE-2006-0612	2017-07-20 10:29	2006-02-9	Show	GitHub Exploit DB Packet Storm