Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5151 5 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるUNIX Symbolic Link のフォローに関する脆弱性 CWE-61
UNIX Symbolic Link のフォロー 		CVE-2026-35372 2026-05-7 11:26 2026-04-22 Show GitHub Exploit DB Packet Storm
5152 5.5 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるUnicode エンコーディングの処理に関する脆弱性 CWE-176
Unicode エンコーディングの不適切な処理 		CVE-2026-35373 2026-05-7 11:26 2026-04-22 Show GitHub Exploit DB Packet Storm
5153 6.3 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35374 2026-05-7 11:26 2026-04-22 Show GitHub Exploit DB Packet Storm
5154 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるUnicode エンコーディングの処理に関する脆弱性 CWE-176
Unicode エンコーディングの不適切な処理 		CVE-2026-35375 2026-05-7 11:26 2026-04-22 Show GitHub Exploit DB Packet Storm
5155 5.8 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35376 2026-05-7 11:26 2026-04-22 Show GitHub Exploit DB Packet Storm
5156 8.8 重要
Network 		DBitNet N300 T1 Pro ファームウェア DBitNetのN300 T1 Pro ファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-36956 2026-05-7 11:26 2026-04-30 Show GitHub Exploit DB Packet Storm
5157 7.5 重要
Network 		DBitNet N300 T1 Pro ファームウェア DBitNetのN300 T1 Pro ファームウェアにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-36957 2026-05-7 11:26 2026-04-30 Show GitHub Exploit DB Packet Storm
5158 4.4 警告
Local 		Absolute Software secure access Absolute Softwareのsecure accessにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-40949 2026-05-7 11:26 2026-04-30 Show GitHub Exploit DB Packet Storm
5159 6.5 警告
Network 		Absolute Software secure access Absolute Softwareのsecure accessにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-40950 2026-05-7 11:26 2026-04-30 Show GitHub Exploit DB Packet Storm
5160 5.5 警告
Local 		Absolute Software secure access Absolute Softwareのsecure accessにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-40951 2026-05-7 11:26 2026-04-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347081 - cookex com_ckforms SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action t… CWE-89
SQL Injection 		CVE-2010-1344 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm
347082 - ribafs mini_cms_ribafs SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: som… CWE-89
SQL Injection 		CVE-2010-1346 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm
347083 - ibm director_agent Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-1347 2017-08-17 10:32 2010-04-13 Show GitHub Exploit DB Packet Storm
347084 - ibm websphere_portal Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors. NVD-CWE-noinfo
CVE-2010-1348 2017-08-17 10:32 2010-04-13 Show GitHub Exploit DB Packet Storm
347085 - opera opera_browser Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow. CWE-189
Numeric Errors 		CVE-2010-1349 2017-08-17 10:32 2010-04-13 Show GitHub Exploit DB Packet Storm
347086 - opera opera_browser Per: http://my.opera.com/securitygroup/blog/2010/03/09/the-malformed-content-length-header-security-issue 'We also determined that the problem only existed in our Windows version. ' CWE-189
Numeric Errors 		CVE-2010-1349 2017-08-17 10:32 2010-04-13 Show GitHub Exploit DB Packet Storm
347087 - joomlaprojects com_jp_jobs SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to i… CWE-89
SQL Injection 		CVE-2010-1350 2017-08-17 10:32 2010-04-13 Show GitHub Exploit DB Packet Storm
347088 - nodesforum nodesforum Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 and 1.045, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _nodesfor… CWE-94
Code Injection 		CVE-2010-1351 2017-08-17 10:32 2010-04-13 Show GitHub Exploit DB Packet Storm
347089 - wowjoomla com_loginbox Directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. CWE-22
Path Traversal 		CVE-2010-1353 2017-08-17 10:32 2010-04-13 Show GitHub Exploit DB Packet Storm
347090 - sbddirectorysoftware sbd_directory_software Cross-site scripting (XSS) vulnerability in editors/logindialogue.php in SBD Directory Software 4.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. CWE-79
Cross-site Scripting 		CVE-2010-1357 2017-08-17 10:32 2010-04-14 Show GitHub Exploit DB Packet Storm