Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5051	4.7	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35354	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

5052	4.7	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35357	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

5053	4.7	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける複数の脆弱性	CWE-367 CWE-59	CVE-2026-35359	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

5054	6.3	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35360	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

5055	5.6	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-35363	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

5056	6.3	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35364	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

5057	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性	CWE-732 重要なリソースに対する不適切なパーミッションの割り当て	CVE-2026-35367	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

5058	7.8	重要 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける信頼できない検索パスに関する脆弱性	CWE-426 信頼性のない検索パス	CVE-2026-35368	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

5059	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-35377	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

5060	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける指定された機能の不適切な提供に関する脆弱性	CWE-684 指定された機能の不適切な提供	CVE-2026-35381	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
355121	-	punbb	punbb	PunBB 1.2.9 does not require password entry when changing the e-mail address in an account's profile, which might allow an attacker to make an address change via a hijacked login session.	NVD-CWE-Other	CVE-2005-4688	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

355122	-	-	-	Six Apart Movable Type 3.16 stores account names and password hashes in a cookie, which allows remote attackers to login to an account by sniffing the cookie.	NVD-CWE-Other	CVE-2005-4689	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

355123	-	six_apart	movable_type	Six Apart Movable Type 3.16 allows local users with blog-creation privileges to create or overwrite arbitrary files of certain types (such as HTML and image files) by selecting an arbitrary directory…	NVD-CWE-Other	CVE-2005-4690	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

355124	-	netbsd	netbsd	imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack …	NVD-CWE-Other	CVE-2005-4691	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

355125	-	mroovca	mroovca_stats	Unspecified vulnerability in mroovca stats (mroovcastats) before 0.4.5b has unknown attack vectors and impact, related to cookies.	NVD-CWE-Other	CVE-2005-4692	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

355126	-	gaim-encryption	gaim-encryption	Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to cause a denial of service (crash) via a crafted message from an ICQ buddy, possibly involving the GE_received_key function in keys.c.	NVD-CWE-Other	CVE-2005-4693	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

355127	-	ipbproarcade	ipbproarcade	SQL injection vulnerability in the favorites module in index.php in IPBProArcade 2.5.2 allows remote attackers to inject arbitrary SQL commands via the gameid parameter. NOTE: the provenance of this…	NVD-CWE-Other	CVE-2005-4702	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

355128	-	bea	weblogic_server	Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 through SP3, 7.0 through SP6, and 6.1 through SP7, when SSL is intended to be used, causes an unencrypted protocol to be used…	NVD-CWE-Other	CVE-2005-4704	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

355129	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7, when a Java client application creates an SSL connection to the server after it has already created an …	NVD-CWE-Other	CVE-2005-4705	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

355130	-	php_handicapper	php_handicapper	CRLF injection vulnerability in process_signup.php in PHP Handicapper allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the login parameter. NOTE: the vendor has dispute…	NVD-CWE-Other	CVE-2005-4712	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm