Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4391	7.8	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 11 23h2 Microsoft Windows 11 26h1 Microsoft Windows 10 1809 Microsoft Wind…	Windows Projected File System の特権の昇格の脆弱性	CWE-415 二重解放	CVE-2026-32074	2026-04-24 11:31	2026-04-14	Show	GitHub Exploit DB Packet Storm

4392	7.5	重要 Network	EMQX	nanomq	EMQXのnanomqにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-32135	2026-04-24 11:31	2026-04-20	Show	GitHub Exploit DB Packet Storm

4393	7.4	重要 Local	マイクロソフト	Microsoft Windows Server 2019 Microsoft Windows 10 1607 Microsoft Windows Server 2016 Microsoft Windows 11 23h2 Microsoft …	Windows UPnP デバイスホストのリモートでコードが実行される脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-32156	2026-04-24 11:31	2026-04-14	Show	GitHub Exploit DB Packet Storm

4394	7.5	重要 Network	jqlang	jq	jqlangのjqにおける複数の脆弱性	CWE-122 CWE-190	CVE-2026-32316	2026-04-24 11:31	2026-04-13	Show	GitHub Exploit DB Packet Storm

4395	8.1	重要 Network	nginxui	nginx ui	Nginx UI TeamのNginx UIにおける複数の脆弱性	CWE-284 CWE-863	CVE-2026-33031	2026-04-24 11:31	2026-04-20	Show	GitHub Exploit DB Packet Storm

4396	4.3	警告 Network	Docmost	Docmost	Docmostにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-33146	2026-04-24 11:30	2026-04-14	Show	GitHub Exploit DB Packet Storm

4397	8.1	重要 Network	tandoor	recipes	tandoorのrecipesにおけるHTTP ヘッダのスクリプト構文の不適切な無効化に関する脆弱性	CWE-644 HTTP ヘッダのスクリプト構文の不適切な無効化	CVE-2026-33149	2026-04-24 11:30	2026-03-26	Show	GitHub Exploit DB Packet Storm

4398	4.6	警告 Network	Docmost	Docmost	Docmostにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-33193	2026-04-24 11:30	2026-04-14	Show	GitHub Exploit DB Packet Storm

4399	6.5	警告 Network	Elasticsearch B.V.	Kibana	Elasticsearch B.V.のKibanaにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-33461	2026-04-24 11:30	2026-04-8	Show	GitHub Exploit DB Packet Storm

4400	4.8	警告 Network	cryptomator	cryptomator	cryptomatorにおける複数の脆弱性	CWE-305 CWE-319	CVE-2026-33472	2026-04-24 11:30	2026-04-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
349341	-	ubertec	help_center_live	PHP file inclusion vulnerability in the osTicket module in Help Center Live before 2.0.3 allows remote attackers to access or include arbitrary files via the file parameter, possibly due to a directo…	NVD-CWE-Other	CVE-2005-3639	2011-03-8 11:26	2005-11-17	Show	GitHub Exploit DB Packet Storm

349342	-	citrix	ica_program_neighborhood_client	Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 and earlier allows remote attackers to execute arbitrary code via a long name value in an Application Set response.	NVD-CWE-Other	CVE-2005-3652	2011-03-8 11:26	2005-12-17	Show	GitHub Exploit DB Packet Storm

349343	-	bluecoat	webproxy	Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of packets with 0xFF characters to the …	NVD-CWE-Other	CVE-2005-3654	2011-03-8 11:26	2005-12-31	Show	GitHub Exploit DB Packet Storm

349344	-	mcafee	mcinsctl.dll virusscan_security_center	The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center does not use the IObjectSafetySiteLock API to restrict access to required domains, which allows remote attackers to create or …	NVD-CWE-Other	CVE-2005-3657	2011-03-8 11:26	2005-12-21	Show	GitHub Exploit DB Packet Storm

349345	-	kaspersky_lab	kaspersky_anti-virus	Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.	NVD-CWE-Other	CVE-2005-3663	2011-03-8 11:26	2005-11-18	Show	GitHub Exploit DB Packet Storm

349346	-	stonesoft	stonegate_firewall	The Internet Key Exchange version 1 (IKEv1) implementation in Stonesoft StoneGate Firewall before 2.6.1 allows remote attackers to cause a denial of service via certain crafted IKE packets, as demons…	NVD-CWE-Other	CVE-2005-3672	2011-03-8 11:26	2005-11-19	Show	GitHub Exploit DB Packet Storm

349347	-	checkpoint	check_point express firewall-1 vpn-1 vpn-1_firewall-1_next_generation	The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS …	NVD-CWE-Other	CVE-2005-3673	2011-03-8 11:26	2005-11-19	Show	GitHub Exploit DB Packet Storm

349348	-	sun	solaris	The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE p…	NVD-CWE-Other	CVE-2005-3674	2011-03-8 11:26	2005-11-19	Show	GitHub Exploit DB Packet Storm

349349	-	virtual_programming	vp-asp	Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter.	NVD-CWE-Other	CVE-2005-3685	2011-03-8 11:26	2005-11-19	Show	GitHub Exploit DB Packet Storm

349350	-	-	-	Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to create or rename arbitrary mai…	NVD-CWE-Other	CVE-2005-3691	2011-03-8 11:26	2005-11-19	Show	GitHub Exploit DB Packet Storm