Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4751	8.1	重要 Network	SysAdmins Media	HomeBox	SysAdmins MediaのHomeBoxにおける不適切な所有権の割り当てに関する脆弱性	CWE-708 不適切な所有権の割り当て	CVE-2026-40196	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

4752	2.7	低 Network	OpenBao	OpenBao	OpenBaoにおけるセキュリティトークンの割り当ての制限に関する脆弱性	CWE-1259 セキュリティトークンの割り当ての不適切な制限	CVE-2026-40264	2026-04-27 10:48	2026-04-21	Show	GitHub Exploit DB Packet Storm

4753	4.3	警告 Network	dnnsoftware	dotnetnuke	dnnsoftwareのdotnetnukeにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-40305	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

4754	6.5	警告 Network	dnnsoftware	dotnetnuke	dnnsoftwareのdotnetnukeにおける不十分なランダム値の使用に関する脆弱性	CWE-330 不十分なランダム値の使用	CVE-2026-40306	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

4755	8	重要 Network	dnnsoftware	dotnetnuke	dnnsoftwareのdotnetnukeにおける代替 XSS 構文の不適切な無効化に関する脆弱性	CWE-87 代替 XSS 構文の不適切な無効化	CVE-2026-40321	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

4756	5.3	警告 Network	The FastAPI Expert	python-multipart	The FastAPI Expertのpython-multipartにおける複数の脆弱性	CWE-400 CWE-834	CVE-2026-40347	2026-04-27 10:48	2026-04-18	Show	GitHub Exploit DB Packet Storm

4757	5.4	警告 Network	wger	wger	wger Projectのwgerにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-40353	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

4758	7.6	重要 Network	wger	wger	wger Projectのwgerにおける複数の脆弱性	CWE-284 CWE-862	CVE-2026-40474	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

4759	9	緊急 Network	Thymeleaf	Thymeleaf	Thymeleafにおける複数の脆弱性	CWE-1336 CWE-917	CVE-2026-40477	2026-04-27 10:48	2026-04-17	Show	GitHub Exploit DB Packet Storm

4760	9	緊急 Network	Thymeleaf	Thymeleaf	Thymeleafにおける複数の脆弱性	CWE-1336 CWE-917	CVE-2026-40478	2026-04-27 10:47	2026-04-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348111	-	virtual_programming	vp-asp	SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 allows remote attackers to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to…	NVD-CWE-Other	CVE-2004-2413	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348112	-	novell	netware	Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2…	NVD-CWE-Other	CVE-2004-2414	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348113	-	davenport	davenport	Davenport before 0.9.10 allows attackers to cause a denial of service (resource consumption) via (1) a very large XML file or (2) entity expansion attacks.	NVD-CWE-Other	CVE-2004-2415	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348114	-	youngzsoft	ccproxy	Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request.	NVD-CWE-Other	CVE-2004-2416	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348115	-	smtp.proxy	smtp.proxy	Format string vulnerability in smtp.c for smtp.proxy 1.1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) client hostname or (2) message-id, whi…	NVD-CWE-Other	CVE-2004-2417	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348116	-	-	-	Keene Digital Media Server 1.0.2 allows local users to obtain usernames and passwords by reading the dmscore.db file on the local system.	NVD-CWE-Other	CVE-2004-2419	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348117	-	hitachi	jp1_p-1b41-9461 jp1_p-1b41-9471 jp1_p-1j41-9471	Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7 allows remote attackers to cause a denial of service (daemon halt) via a port scan involving reset packets.	NVD-CWE-Other	CVE-2004-2420	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348118	-	hitachi	jp1_p-1b41-9461 jp1_p-1b41-9471 jp1_p-1j41-9471	Unknown vulnerability in Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7, when running on HP-UX in trusted mode, allows attackers to bypass authentication and gain admin…	NVD-CWE-Other	CVE-2004-2421	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348119	-	ipswitch	imail	Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web M…	NVD-CWE-Other	CVE-2004-2422	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

348120	-	ipswitch	imail	Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content."	NVD-CWE-Other	CVE-2004-2423	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm