Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5001	5.3	警告 Network	Tokuhiro Matsuno (tokuhirom)	Amon2::Plugin::Web::CSRFDefender	Tokuhiro Matsuno (tokuhirom)のAmon2::Plugin::Web::CSRFDefenderにおける複数の脆弱性	CWE-338 CWE-340	CVE-2025-15604 CVE-2026-5082	2026-04-24 11:35	2026-04-8	Show	GitHub Exploit DB Packet Storm

5002	7.5	重要 Network	pyLoad	pyLoad	pyLoadにおける複数の脆弱性	CWE-502 CWE-863	CVE-2026-33509 CVE-2026-35464	2026-04-24 11:35	2026-04-7	Show	GitHub Exploit DB Packet Storm

5003	9.8	緊急 Network	Tomas Varaneckas	JAD Java Decompiler	Tomas VaraneckasのJAD Java Decompilerにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2016-20049	2026-04-24 11:35	2026-03-28	Show	GitHub Exploit DB Packet Storm

5004	6.1	警告 Network	WSO2	WSO2 API Manager	WSO2のWSO2 API Managerにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-10242	2026-04-24 11:35	2026-04-16	Show	GitHub Exploit DB Packet Storm

5005	9.1	緊急 Network	WSO2	Identity Server as Key Manager WSO2 API Manager WSO2 Identity Server WSO2 Open Banking AM WSO2 Open Banking IAM	WSO2のWSO2 API Manager等の複数製品におけるXML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2024-2374	2026-04-24 11:35	2026-04-16	Show	GitHub Exploit DB Packet Storm

5006	5.4	警告 Network	WSO2	WSO2 API Manager	WSO2のWSO2 API Managerにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-4867	2026-04-24 11:34	2026-04-16	Show	GitHub Exploit DB Packet Storm

5007	7.5	重要 Network	WSO2	WSO2 API Manager	WSO2のWSO2 API ManagerにおけるXML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2024-8010	2026-04-24 11:34	2026-04-16	Show	GitHub Exploit DB Packet Storm

5008	5.4	警告 Network	WSO2	WSO2 Identity Server	WSO2のWSO2 Identity Serverにおけるセッション期限に関する脆弱性	CWE-613 不適切なセッション期限	CVE-2025-12624	2026-04-24 11:34	2026-04-16	Show	GitHub Exploit DB Packet Storm

5009	8.2	重要 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるHTTP リクエストスマグリングに関する脆弱性	CWE-444 HTTP リクエストスマグリング	CVE-2025-31958	2026-04-24 11:34	2026-04-21	Show	GitHub Exploit DB Packet Storm

5010	5.3	警告 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)における重要な情報の平文での送信に関する脆弱性	CWE-319 重要な情報の平文での送信	CVE-2025-31981	2026-04-24 11:34	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
350021	-	-	-	Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) via a GET request for a long URI, a different vulnerability than CVE-2004-2376.	NVD-CWE-Other	CVE-2003-1318	2016-10-18 11:39	2003-12-31	Show	GitHub Exploit DB Packet Storm

350022	-	truegalerie	truegalerie	upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery.	CWE-287 Improper Authentication	CVE-2003-1489	2016-10-18 11:39	2003-12-31	Show	GitHub Exploit DB Packet Storm

350023	-	gnu	cfengine	Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction fu…	NVD-CWE-Other	CVE-2003-0849	2016-10-18 11:38	2003-11-17	Show	GitHub Exploit DB Packet Storm

350024	-	dug_song rafal_wojtczuk	dsniff libnids	The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets."	NVD-CWE-Other	CVE-2003-0850	2016-10-18 11:38	2003-11-17	Show	GitHub Exploit DB Packet Storm

350025	-	mpg123	mpg123	Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request.	NVD-CWE-Other	CVE-2003-0865	2016-10-18 11:38	2003-11-17	Show	GitHub Exploit DB Packet Storm

350026	-	openslp	openslp	Symbolic link vulnerability in the slpd script slpd.all_init for OpenSLP before 1.0.11 allows local users to overwrite arbitrary files via the route.check temporary file.	NVD-CWE-Other	CVE-2003-0875	2016-10-18 11:38	2003-11-17	Show	GitHub Exploit DB Packet Storm

350027	-	hylafax	hylafax	Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code.	NVD-CWE-Other	CVE-2003-0886	2016-10-18 11:38	2003-12-1	Show	GitHub Exploit DB Packet Storm

350028	-	sun	jre	The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and exe…	NVD-CWE-Other	CVE-2003-0896	2016-10-18 11:38	2003-11-17	Show	GitHub Exploit DB Packet Storm

350029	-	ibm	db2_universal_database	IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.	NVD-CWE-Other	CVE-2003-0898	2016-10-18 11:38	2003-11-17	Show	GitHub Exploit DB Packet Storm

350030	-	clearswift	mailsweeper	Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy.	NVD-CWE-Other	CVE-2003-0928	2016-10-18 11:38	2004-09-28	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed