Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5311	5.4	警告 Network	フォーティネット	FortiSandbox FortiSandbox Cloud	フォーティネットのFortiSandbox等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-61886	2026-04-24 11:34	2026-04-14	Show	GitHub Exploit DB Packet Storm

5312	5.3	警告 Network	Apache Software Foundation	Apache Doris-MCP-Server	Apache Software FoundationのApache Doris-MCP-ServerにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2025-66335	2026-04-24 11:34	2026-04-20	Show	GitHub Exploit DB Packet Storm

5313	6.5	警告 Network	フォーティネット	FortiManager Cloud FortiAnalyzer FortiAnalyzer Cloud FortiManager	フォーティネットのFortiAnalyzer等の複数製品におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2025-68649	2026-04-24 11:34	2026-04-14	Show	GitHub Exploit DB Packet Storm

5314	8.4	重要 Local	Nitro Software Inc.	Nitro PDF Pro	Nitro Software Inc.のNitro PDF Proにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2025-69627	2026-04-24 11:34	2026-04-13	Show	GitHub Exploit DB Packet Storm

5315	4.3	警告 Network	Fortra	GoAnywhere Managed File Transfer	FortraのGoAnywhere Managed File Transferにおけるセッション期限に関する脆弱性	CWE-613 不適切なセッション期限	CVE-2026-0971	2026-04-24 11:34	2026-04-21	Show	GitHub Exploit DB Packet Storm

5316	5.4	警告 Network	Fortra	GoAnywhere Managed File Transfer	FortraのGoAnywhere Managed File Transferにおけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2026-0972	2026-04-24 11:34	2026-04-21	Show	GitHub Exploit DB Packet Storm

5317	6.5	警告 Network	Fortra	GoAnywhere Managed File Transfer	FortraのGoAnywhere Managed File Transferにおけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2026-1089	2026-04-24 11:34	2026-04-21	Show	GitHub Exploit DB Packet Storm

5318	4.9	警告 Network	オラクル	MySQL Server	オラクルのMySQL Serverにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-21998	2026-04-24 11:34	2026-04-21	Show	GitHub Exploit DB Packet Storm

5319	2.7	低 Network	オラクル	MySQL Server	オラクルのMySQL Serverにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-22001	2026-04-24 11:34	2026-04-21	Show	GitHub Exploit DB Packet Storm

5320	4.9	警告 Network	オラクル	MySQL Server	オラクルのMySQL Serverにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-22002	2026-04-24 11:34	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
353981	-	cayman	3220-h_dsl_router gatorsurf	The Cayman 3220-H DSL router allows remote attackers to cause a denial of service via oversized ICMP echo (ping) requests.	NVD-CWE-Other	CVE-2000-0418	2008-09-11 04:04	2000-05-23	Show	GitHub Exploit DB Packet Storm

353982	-	microsoft	windows_2000	The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data.	NVD-CWE-Other	CVE-2000-0420	2008-09-11 04:04	2000-05-11	Show	GitHub Exploit DB Packet Storm

353983	-	mozilla	bugzilla	The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters.	NVD-CWE-Other	CVE-2000-0421	2008-09-11 04:04	2000-05-11	Show	GitHub Exploit DB Packet Storm

353984	-	lsoft	listserv	Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands.	NVD-CWE-Other	CVE-2000-0425	2008-09-11 04:04	2000-05-3	Show	GitHub Exploit DB Packet Storm

353985	-	ultrascripts	ultraboard	UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself.	NVD-CWE-Other	CVE-2000-0426	2008-09-11 04:04	2000-05-5	Show	GitHub Exploit DB Packet Storm

353986	-	aladdin_knowledge_systems	etoken	The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM.	NVD-CWE-Other	CVE-2000-0427	2008-09-11 04:04	2000-05-4	Show	GitHub Exploit DB Packet Storm

353987	-	trend_micro	interscan_viruswall	Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and earlier allows a remote attacker to execute arbitrary commands via a long filename for a uuencoded attachment.	NVD-CWE-Other	CVE-2000-0428	2008-09-11 04:04	2000-05-4	Show	GitHub Exploit DB Packet Storm

353988	-	matt_kruse	calendar_script	The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters.	NVD-CWE-Other	CVE-2000-0432	2008-09-11 04:04	2000-05-16	Show	GitHub Exploit DB Packet Storm

353989	-	suse	suse_linux	The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such…	NVD-CWE-Other	CVE-2000-0433	2008-09-11 04:04	2000-05-2	Show	GitHub Exploit DB Packet Storm

353990	-	matthew_redman	allmanage	The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers.	NVD-CWE-Other	CVE-2000-0434	2008-09-11 04:04	2000-05-13	Show	GitHub Exploit DB Packet Storm