Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
431	7.8	重要 Local	Lenovo	PCManager	LenovoのPCManagerにおける不要な特権による実行に関する脆弱性	CWE-250 不要な特権による実行	CVE-2025-8486	2026-02-4 18:37	2025-10-15	Show	GitHub Exploit DB Packet Storm

432	4.9	警告 Network	M-Files	M-Files Server	M-FilesのM-Files Serverにおける入力の構文的正当性の検証に関する脆弱性	CWE-1286 入力の構文的正当性の不適切な検証	CVE-2026-0663	2026-02-4 18:37	2026-01-21	Show	GitHub Exploit DB Packet Storm

433	6.1	警告 Network	plantuml	plantuml	plantumlにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-0858	2026-02-4 18:37	2026-01-16	Show	GitHub Exploit DB Packet Storm

434	9.8	緊急 Network	itsourcecode	School Management System	itsourcecodeのSchool Management Systemにおける複数の脆弱性	CWE-74 CWE-89	CVE-2026-1176	2026-02-4 18:37	2026-01-19	Show	GitHub Exploit DB Packet Storm

435	4.6	警告 Local	Esri	ArcGIS Pro	EsriのArcGIS Proにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-1446	2026-02-4 18:37	2026-01-26	Show	GitHub Exploit DB Packet Storm

436	6.1	警告 Network	NHN Japan	billboard.js	NHN Japanのbillboard.jsにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-1513	2026-02-4 18:37	2026-01-28	Show	GitHub Exploit DB Packet Storm

437	7.5	重要 Network	Open5GS	Open5GS	Open5GSにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性	CWE-404 リソースの不適切なシャットダウンおよびリリース	CVE-2026-1521	2026-02-4 18:37	2026-01-28	Show	GitHub Exploit DB Packet Storm

438	7.5	重要 Network	Open5GS	Open5GS	Open5GSにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性	CWE-404 リソースの不適切なシャットダウンおよびリリース	CVE-2026-1522	2026-02-4 18:37	2026-01-28	Show	GitHub Exploit DB Packet Storm

439	9.8	緊急 Network	fabian	Online Music Site	Fabian RosのOnline Music Siteにおける複数の脆弱性	CWE-74 CWE-89	CVE-2026-1534	2026-02-4 18:37	2026-01-28	Show	GitHub Exploit DB Packet Storm

440	9.8	緊急 Network	fabian	Online Music Site	Fabian RosのOnline Music Siteにおける複数の脆弱性	CWE-74 CWE-89	CVE-2026-1535	2026-02-4 18:37	2026-01-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
306541	-	ritlabs	the_bat	The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service (crash) via an attachment whose name includes an MS-DOS device name.	NVD-CWE-Other	CVE-2002-0338	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306542	-	microsoft	windows_media_player	Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, …	NVD-CWE-Other	CVE-2002-0340	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306543	-	novell	groupwise	GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter.	NVD-CWE-Other	CVE-2002-0341	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306544	-	kde	k-mail	Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long.	NVD-CWE-Other	CVE-2002-0342	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306545	-	hotline_communications	hotline_connect	Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by …	NVD-CWE-Other	CVE-2002-0343	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306546	-	symantec	liveupdate	Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the …	NVD-CWE-Other	CVE-2002-0344	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306547	-	symantec	norton_ghost	Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges.	NVD-CWE-Other	CVE-2002-0345	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306548	-	sun	cobalt_raq_2 cobalt_raq_3i cobalt_raq_4	Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to (1) service.cgi or (2) alert.cgi.	NVD-CWE-Other	CVE-2002-0346	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306549	-	sun	cobalt_raq_2 cobalt_raq_3i cobalt_raq_4	Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.	NVD-CWE-Other	CVE-2002-0347	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm

306550	-	sun	cobalt_raq_2 cobalt_raq_3i cobalt_raq_4	service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument.	NVD-CWE-Other	CVE-2002-0348	2016-10-18 11:19	2002-06-25	Show	GitHub Exploit DB Packet Storm