Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4321	7.5	重要 Local	オラクル	Oracle VM VirtualBox	オラクルのOracle VM VirtualBoxにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35251	2026-04-24 11:43	2026-04-21	Show	GitHub Exploit DB Packet Storm

4322	5.3	警告 Network	WWBN	AVideo	WWBNのAVideoにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-35449	2026-04-24 11:42	2026-04-6	Show	GitHub Exploit DB Packet Storm

4323	8.7	重要 Network	Apostrophe Technologies	ApostropheCMS	Apostrophe TechnologiesのApostropheCMSにおける複数の脆弱性	CWE-116 CWE-79	CVE-2026-35569	2026-04-24 11:42	2026-04-15	Show	GitHub Exploit DB Packet Storm

4324	6.3	警告 Local	Glances project	Glances	Nicolas Hennion (nicolargo)のGlancesにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-35588	2026-04-24 11:42	2026-04-21	Show	GitHub Exploit DB Packet Storm

4325	7.3	重要 Local	Anthropic PBC	Claude Code	Anthropic PBCのClaude Codeにおける信頼できない検索パスに関する脆弱性	CWE-426 信頼性のない検索パス	CVE-2026-35603	2026-04-24 11:42	2026-04-17	Show	GitHub Exploit DB Packet Storm

4326	6.5	警告 Network	Mattermost, Inc.	Mattermost Server	Mattermost, Inc.のMattermost ServerにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-3590	2026-04-24 11:42	2026-04-15	Show	GitHub Exploit DB Packet Storm

4327	6.5	警告 Network	WWBN	AVideo	WWBNのAVideoにおけるデータの信頼性についての不十分な検証に関する脆弱性	CWE-345 データの信頼性についての不十分な検証	CVE-2026-39366	2026-04-24 11:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

4328	5.4	警告 Network	WWBN	AVideo	WWBNのAVideoにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-39367	2026-04-24 11:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

4329	6.5	警告 Network	WWBN	AVideo	WWBNのAVideoにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-39368	2026-04-24 11:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

4330	7.6	重要 Network	WWBN	AVideo	WWBNのAVideoにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-39369	2026-04-24 11:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348141	-	linux_directory_penguin	nslookup	Linux Directory Penguin NsLookup CGI script (nslookup.pl) 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the (1) query or (2) type parameters.	NVD-CWE-Other	CVE-2002-0489	2016-10-18 11:20	2002-08-12	Show	GitHub Exploit DB Packet Storm

348142	-	phpbb_group	phpbb	phpBB 1.4.4 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags.	NVD-CWE-Other	CVE-2002-0533	2016-10-18 11:20	2002-08-12	Show	GitHub Exploit DB Packet Storm

348143	-	openbsd	openbsd	mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cro…	NVD-CWE-Other	CVE-2002-0542	2016-10-18 11:20	2002-07-3	Show	GitHub Exploit DB Packet Storm

348144	-	oracle	application_server application_server_web_cache oracle8i oracle9i	PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to obtain sensitive information via the OWA_UTIL stored procedures (1) OWA_UTIL.signature, (2) OWA_UTIL.listpri…	NVD-CWE-Other	CVE-2002-0560	2016-10-18 11:20	2002-07-3	Show	GitHub Exploit DB Packet Storm

348145	-	oracle	application_server application_server_web_cache oracle8i oracle9i	The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and mod…	NVD-CWE-Other	CVE-2002-0561	2016-10-18 11:20	2002-07-3	Show	GitHub Exploit DB Packet Storm

348146	-	oracle	application_server application_server_web_cache oracle9i	The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information inclu…	NVD-CWE-Other	CVE-2002-0562	2016-10-18 11:20	2002-07-3	Show	GitHub Exploit DB Packet Storm

348147	-	oracle	application_server application_server_web_cache oracle8i oracle9i	PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate …	NVD-CWE-Other	CVE-2002-0564	2016-10-18 11:20	2002-07-3	Show	GitHub Exploit DB Packet Storm

348148	-	oracle	application_server oracle8i oracle9i	Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConf…	NVD-CWE-Other	CVE-2002-0568	2016-10-18 11:20	2002-07-3	Show	GitHub Exploit DB Packet Storm

348149	-	oracle	application_server	Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet (XSQLServlet).	NVD-CWE-Other	CVE-2002-0569	2016-10-18 11:20	2002-07-3	Show	GitHub Exploit DB Packet Storm

348150	-	openbsd	openssh	Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privile…	NVD-CWE-Other	CVE-2002-0575	2016-10-18 11:20	2002-06-18	Show	GitHub Exploit DB Packet Storm