Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5581	9.9	緊急 Network	Saltcorn	Saltcorn	SaltcornにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-41478	2026-04-30 10:59	2026-04-24	Show	GitHub Exploit DB Packet Storm

5582	9.8	緊急 Network	dgraph	dgraph	dgraphにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-41492	2026-04-30 10:59	2026-04-24	Show	GitHub Exploit DB Packet Storm

5583	7.5	重要 Network	BACnet Stack	BACnet Stack	BACnet Stackにおける複数の脆弱性	CWE-125 CWE-193	CVE-2026-41502	2026-04-30 10:59	2026-04-24	Show	GitHub Exploit DB Packet Storm

5584	7.5	重要 Network	BACnet Stack	BACnet Stack	BACnet Stackにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-41503	2026-04-30 10:59	2026-04-24	Show	GitHub Exploit DB Packet Storm

5585	7.5	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-41602	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

5586	7.4	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける複数の脆弱性	CWE-297 CWE-306	CVE-2026-41603	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

5587	8.2	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-41604	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

5588	7.3	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-41605	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

5589	5.3	警告 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-41606	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

5590	6.5	警告 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-41607	2026-04-30 10:59	2026-04-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
349941	-	belchior_foundry	vcard	Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uni…	NVD-CWE-Other	CVE-2004-1828	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

349942	-	error_manager	php-nuke_module	Multiple cross-site scripting (XSS) vulnerabilities in error.php in Gijza.net Error Manager 2.1 for PHP-Nuke 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) pagetitle or…	NVD-CWE-Other	CVE-2004-1829	2017-07-11 10:31	2004-03-18	Show	GitHub Exploit DB Packet Storm

349943	-	francisco_burzi	php-nuke	error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote attackers to obtain sensitive information via an invalid (1) language, (2) newlang, or (3) lang parameter, which leaks the pathname in a …	NVD-CWE-Other	CVE-2004-1830	2017-07-11 10:31	2004-03-18	Show	GitHub Exploit DB Packet Storm

349944	-	techland	chrome	Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large length value, which leads to a null dereference or out-of-bounds r…	NVD-CWE-Other	CVE-2004-1831	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

349945	-	apple	mac_os_x_server	Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a denial of service (crash and restart) via a large amount of data to TCP port 660.	NVD-CWE-Other	CVE-2004-1832	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

349946	-	borland_software	interbase	The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges.	NVD-CWE-Other	CVE-2004-1833	2017-07-11 10:31	2004-03-20	Show	GitHub Exploit DB Packet Storm

349947	-	invision_power_services	invision_gallery	Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3) sort_key, (4) order_key, (5) user, or (6) a…	NVD-CWE-Other	CVE-2004-1835	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

349948	-	invision_power_services	invision_power_top_site_list	SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action.	NVD-CWE-Other	CVE-2004-1836	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

349949	-	joel_palmius	mod_survey	Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remote attackers to inject arbitrary web script or HTML via the certain survey field…	NVD-CWE-Other	CVE-2004-1837	2017-07-11 10:31	2004-12-31	Show	GitHub Exploit DB Packet Storm

349950	-	xweb	xweb	Directory traversal vulnerability in xweb 1.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the URL.	NVD-CWE-Other	CVE-2004-1838	2017-07-11 10:31	2004-03-22	Show	GitHub Exploit DB Packet Storm