Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 31, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 4871 | 5.3 |
警告
Network |
pypdf project | pypdf | pypdf projectのpypdfにおけるDTD の再帰的なエンティティ参照の不適切な制限に関する脆弱性 |
CWE-776
DTD の再帰的なエンティティ参照の不適切な制限 |
CVE-2026-40260 | 2026-04-24 11:41 | 2026-04-17 | Show | GitHub Exploit DB Packet Storm |
| 4872 | 8.8 |
重要
Network |
Chamilo Association | Chamilo LMS | Chamilo AssociationのChamilo LMSにおける複数の脆弱性 |
CWE-269 CWE-863 |
CVE-2026-40291 | 2026-04-24 11:41 | 2026-04-14 | Show | GitHub Exploit DB Packet Storm |
| 4873 | 9 |
緊急
Network |
Gitroom | Postiz | GitroomのPostizにおける複数の脆弱性 |
CWE-345 CWE-434 CWE-79 |
CVE-2026-40487 | 2026-04-24 11:41 | 2026-04-18 | Show | GitHub Exploit DB Packet Storm |
| 4874 | 9.8 |
緊急
Network |
FreeScout | FreeScout | FreeScoutにおける複数の脆弱性 |
CWE-200 CWE-284 CWE-770 |
CVE-2026-40498 | 2026-04-24 11:41 | 2026-04-21 | Show | GitHub Exploit DB Packet Storm |
| 4875 | 6.1 |
警告
Network |
FreeScout | FreeScout | FreeScoutにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2026-40565 | 2026-04-24 11:41 | 2026-04-21 | Show | GitHub Exploit DB Packet Storm |
| 4876 | 7.1 |
重要
Network |
OpenProject | OpenProject | OpenProjectにおける複数の脆弱性 |
CWE-367 CWE-639 |
CVE-2026-40896 | 2026-04-24 11:41 | 2026-04-20 | Show | GitHub Exploit DB Packet Storm |
| 4877 | 7.1 |
重要
Network |
WWBN | AVideo | WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2026-40926 | 2026-04-24 11:41 | 2026-04-21 | Show | GitHub Exploit DB Packet Storm |
| 4878 | 9.9 |
緊急
Network |
flowiseai | flowise | flowiseaiのflowiseにおけるOS コマンドインジェクションの脆弱性 |
CWE-78
OSコマンド・インジェクション |
CVE-2026-40933 | 2026-04-24 11:41 | 2026-04-21 | Show | GitHub Exploit DB Packet Storm |
| 4879 | 9.8 |
緊急
Network |
protobufjs project | protobufjs | protobufjs projectのprotobufjsにおけるコードインジェクションの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2026-41242 | 2026-04-24 11:41 | 2026-04-18 | Show | GitHub Exploit DB Packet Storm |
| 4880 | 7.5 |
重要
Network |
Junrar project | Junrar | Junrar projectのJunrarにおけるパストラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2026-41245 | 2026-04-24 11:41 | 2026-04-20 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 1, 2026, 4:12 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 348461 | - | apple |
darwin_streaming_server quicktime_streaming_server mac_os_x mac_os_x_server |
Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user. |
NVD-CWE-Other
|
CVE-2004-1087 | 2017-07-11 10:30 | 2004-12-2 | Show | GitHub Exploit DB Packet Storm | |
| 348462 | - | apple |
darwin_streaming_server quicktime_streaming_server mac_os_x mac_os_x_server |
Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information. |
NVD-CWE-Other
|
CVE-2004-1088 | 2017-07-11 10:30 | 2004-12-2 | Show | GitHub Exploit DB Packet Storm | |
| 348463 | - | apple |
darwin_streaming_server quicktime_streaming_server mac_os_x mac_os_x_server |
Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. |
NVD-CWE-Other
|
CVE-2004-1089 | 2017-07-11 10:30 | 2004-12-2 | Show | GitHub Exploit DB Packet Storm | |
| 348464 | - |
midnight_commander debian gentoo redhat suse turbolinux |
midnight_commander debian_linux linux enterprise_linux linux_advanced_workstation suse_linux turbolinux_server turbolinux_workstation |
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." |
NVD-CWE-Other
|
CVE-2004-1090 | 2017-07-11 10:30 | 2005-04-14 | Show | GitHub Exploit DB Packet Storm | |
| 348465 | - |
midnight_commander debian gentoo redhat suse turbolinux |
midnight_commander debian_linux linux enterprise_linux linux_advanced_workstation suse_linux turbolinux_server turbolinux_workstation |
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. |
NVD-CWE-Other
|
CVE-2004-1091 | 2017-07-11 10:30 | 2005-04-14 | Show | GitHub Exploit DB Packet Storm | |
| 348466 | - |
midnight_commander debian gentoo redhat suse turbolinux |
midnight_commander debian_linux linux enterprise_linux linux_advanced_workstation suse_linux turbolinux_server turbolinux_workstation |
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. |
NVD-CWE-Other
|
CVE-2004-1092 | 2017-07-11 10:30 | 2005-04-14 | Show | GitHub Exploit DB Packet Storm | |
| 348467 | - |
midnight_commander debian gentoo redhat suse turbolinux |
midnight_commander debian_linux linux enterprise_linux linux_advanced_workstation suse_linux turbolinux_server turbolinux_workstation |
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." |
NVD-CWE-Other
|
CVE-2004-1093 | 2017-07-11 10:30 | 2005-04-14 | Show | GitHub Exploit DB Packet Storm | |
| 348468 | - |
zgv debian |
xzgv_image_viewer zgv_image_viewer debian_linux |
Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in … |
NVD-CWE-Other
|
CVE-2004-1095 | 2017-07-11 10:30 | 2005-01-10 | Show | GitHub Exploit DB Packet Storm | |
| 348469 | - | cherokee | cherokee_httpd | Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (a… |
NVD-CWE-Other
|
CVE-2004-1097 | 2017-07-11 10:30 | 2005-01-10 | Show | GitHub Exploit DB Packet Storm | |
| 348470 | - |
roaring_penguin mandrakesoft suse |
mimedefang mandrake_linux mandrake_linux_corporate_server suse_linux |
MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header. |
NVD-CWE-Other
|
CVE-2004-1098 | 2017-07-11 10:30 | 2005-01-10 | Show | GitHub Exploit DB Packet Storm |