Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4531	9.8	緊急 Network	マイクロソフト	Bing	Microsoft Bing のリモートでコードが実行される脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-33819	2026-05-7 10:52	2026-04-23	Show	GitHub Exploit DB Packet Storm

4532	5	警告 Local	オラクル	MySQL	オラクルのMySQLにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性	CWE-404 リソースの不適切なシャットダウンおよびリリース	CVE-2026-34317	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

4533	5.8	警告 Network	オラクル	MySQL	オラクルのMySQLにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-34318	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

4534	5	警告 Local	オラクル	MySQL	オラクルのMySQLにおけるリクエストに対するレスポンス内容の違いに起因する情報漏えいに関する脆弱性	CWE-204 リクエストに対するレスポンス内容の違いに起因する情報漏えい	CVE-2026-34319	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

4535	7.5	重要 Network	オラクル	Java VM	オラクルのJava VMにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35229	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

4536	4.4	警告 Local	オラクル	Oracle Linux	オラクルのOracle Linuxにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-35233	2026-05-7 10:51	2026-05-1	Show	GitHub Exploit DB Packet Storm

4537	5.2	警告 Network	オラクル	Hyperion Infrastructure Technology	オラクルのHyperion Infrastructure Technologyにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35244	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

4538	9.1	緊急 Network	Volcengine	OpenViking	VolcengineのOpenVikingにおける安全でない失敗処理に関する脆弱性	CWE-636 安全でない失敗処理	CVE-2026-40525	2026-05-7 10:51	2026-04-17	Show	GitHub Exploit DB Packet Storm

4539	7.1	重要 Network	Apache Software Foundation	Apache Atlas	Apache Software FoundationのApache Atlasにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-40563	2026-05-7 10:51	2026-05-4	Show	GitHub Exploit DB Packet Storm

4540	8.8	重要 Adjacent	Espressif Systems	ESP32 Arduino	Espressif SystemsのESP32 Arduinoにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-41429	2026-05-7 10:51	2026-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346751	-	apple	darwin_streaming_server quicktime_streaming_server	parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resultin…	CWE-22 Path Traversal	CVE-2003-1413	2017-07-29 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

346752	-	apple	darwin_streaming_server quicktime_streaming_server	Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot)…	CWE-22 Path Traversal	CVE-2003-1414	2017-07-29 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

346753	-	visual_mining	netcharts_xbrl_server	NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2003-1415	2017-07-29 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

346754	-	bisonftp	bisonftp_server_4	BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command.	CWE-20 Improper Input Validation	CVE-2003-1416	2017-07-29 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

346755	-	ncipher	support_software	nCipher Support Software 6.00, when using generatekey KeySafe to import keys, does not delete the temporary copies of the key, which may allow local users to gain access to the key by reading the (1)…	CWE-255 Credentials Management	CVE-2003-1417	2017-07-29 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

346756	-	netscape	navigator	Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function.	CWE-20 Improper Input Validation	CVE-2003-1419	2017-07-29 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

346757	-	suckbot	suckbot	Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors.	CWE-399 Resource Management Errors	CVE-2003-1421	2017-07-29 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

346758	-	gentoo	syslinux	Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors.	NVD-CWE-noinfo CWE-16 Configuration	CVE-2003-1422	2017-07-29 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

346759	-	petitforum	petitforum	Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encr…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2003-1423	2017-07-29 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

346760	-	petitforum	petitforum	message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie.	CWE-255 Credentials Management	CVE-2003-1424	2017-07-29 10:29	2003-12-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed