Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5731 9.1 緊急
Network 		EspoCRM EspoCRM EspoCRMにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-33656 2026-04-30 12:30 2026-04-22 Show GitHub Exploit DB Packet Storm
5732 7.2 重要
Network 		EspoCRM EspoCRM EspoCRMにおける相対パストラバーサルの脆弱性 CWE-23
相対的パストラバーサル 		CVE-2026-33733 2026-04-30 12:30 2026-04-22 Show GitHub Exploit DB Packet Storm
5733 7.5 重要
Network 		FirebirdSQL Firebird FirebirdSQLのFirebirdにおける不正な構文構造の不適切な処理に関する脆弱性 CWE-228
不正な構文構造の不適切な処理 		CVE-2026-34232 2026-04-30 12:30 2026-04-17 Show GitHub Exploit DB Packet Storm
5734 5.3 警告
Network 		オラクル Oracle GoldenGate オラクルのOracle GoldenGateにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-34273 2026-04-30 12:30 2026-04-21 Show GitHub Exploit DB Packet Storm
5735 8.1 重要
Network 		getkirby kirby getkirbyのkirbyにおけるテンプレートエンジンで使用される特殊な要素の不適切な無効化に関する脆弱性 CWE-1336
テンプレートエンジンで使用される特殊な要素の不適切な無効化 		CVE-2026-34587 2026-04-30 12:30 2026-04-24 Show GitHub Exploit DB Packet Storm
5736 9 緊急
Network 		Ci4-cms-erp Ci4MS Ci4-cms-erpのCi4MSにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-34989 2026-04-30 12:30 2026-04-6 Show GitHub Exploit DB Packet Storm
5737 7.5 重要
Network 		Linux Foundation Antrea Linux FoundationのAntreaにおける重要なデータの暗号化の欠如に関する脆弱性 CWE-311
重要なデータの暗号化の欠如 		CVE-2026-34992 2026-04-30 12:29 2026-04-6 Show GitHub Exploit DB Packet Storm
5738 7.5 重要
Network 		FirebirdSQL Firebird FirebirdSQLのFirebirdにおけるゼロ除算に関する脆弱性 CWE-369
ゼロ除算 		CVE-2026-35215 2026-04-30 12:29 2026-04-17 Show GitHub Exploit DB Packet Storm
5739 8 重要
Adjacent 		フィリップス Hue Bridge V2 ファームウェア フィリップスのHue Bridge V2 ファームウェアにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-3555 2026-04-30 12:29 2026-03-16 Show GitHub Exploit DB Packet Storm
5740 8.8 重要
Adjacent 		フィリップス Hue Bridge V2 ファームウェア フィリップスのHue Bridge V2 ファームウェアにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-3556 2026-04-30 12:29 2026-03-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351011 - - - modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to gain sensitive information via an HTTP request with an invalid (1) catid or (2) clipid parameter, which reveals the … NVD-CWE-Other
CVE-2004-1971 2017-07-11 10:31 2004-04-26 Show GitHub Exploit DB Packet Storm
351012 - francisco_burzi php-nuke SQL injection vulnerability in modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to execute arbitrary SQL code via the (1) clipid or (2) catid parameters in a viewclip, … NVD-CWE-Other
CVE-2004-1972 2017-07-11 10:31 2004-04-26 Show GitHub Exploit DB Packet Storm
351013 - digi www_server DiGi Web Server allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request that contains a large number of / (slash) characters, which consumes resources when DiGi… NVD-CWE-Other
CVE-2004-1973 2017-07-11 10:31 2004-04-27 Show GitHub Exploit DB Packet Storm
351014 - php_arena pafiledb paFileDB 3.1 allows remote attackers to gain sensitive information via a direct request to (1) login.php, (2) category.php, (3) search.php, (4) main.php, (5) viewall.php, (6) download.php, (7) email.… NVD-CWE-Other
CVE-2004-1974 2017-07-11 10:31 2004-04-27 Show GitHub Exploit DB Packet Storm
351015 - php_arena pafiledb Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a vulnerability t… NVD-CWE-Other
CVE-2004-1975 2017-07-11 10:31 2004-04-27 Show GitHub Exploit DB Packet Storm
351016 - smc_networks smc7004vbr SMC Barricade broadband router 7008ABR and 7004VBR enable remote administration by default, which allows remote attackers to gain access by connecting to port 1900. NVD-CWE-Other
CVE-2004-1976 2017-07-11 10:31 2004-04-28 Show GitHub Exploit DB Packet Storm
351017 - 3com webbngss3nbxnts 3com NBX IP VOIP NetSet Configuration Manager allows remote attackers to cause a denial of service (crash) via a Nessus scan in safeChecks mode. NVD-CWE-Other
CVE-2004-1977 2017-07-11 10:31 2004-04-29 Show GitHub Exploit DB Packet Storm
351018 - props props Cross-site scripting (XSS) vulnerability in do_search.php in PROPS 0.6.1 allows remote attackers to inject arbitrary HTML or web script via the search_string parameter. NVD-CWE-Other
CVE-2004-1979 2017-07-11 10:31 2004-04-30 Show GitHub Exploit DB Packet Storm
351019 - props props Directory traversal vulnerability in glossary.php in PROPS 0.6.1 allows remote attackers to view arbitrary files via a .. (dot dot) in (1) module or (2) format variables. NVD-CWE-Other
CVE-2004-1980 2017-07-11 10:31 2004-04-30 Show GitHub Exploit DB Packet Storm
351020 - businessobjects crystal_enterprise
crystal_reports 		The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are … NVD-CWE-Other
CVE-2004-1981 2017-07-11 10:31 2004-05-2 Show GitHub Exploit DB Packet Storm