Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
6261	9.8	緊急 Network	Steven Fackler	rust-openssl	rust-OpenSSL Projectのrust-OpenSSLにおける複数の脆弱性	CWE-126 CWE-130	CVE-2026-41898	2026-04-30 12:17	2026-04-24	Show	GitHub Exploit DB Packet Storm

6262	7	重要 Local	レッドハット libssh	libssh Red Hat Hardened Images	libssh等の複数ベンダの製品における制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2025-14821	2026-04-30 12:17	2026-04-7	Show	GitHub Exploit DB Packet Storm

6263	10	緊急 Network	lfprojects	mlflow	lfprojectsのmlflowにおけるパストラバーサルの脆弱性	CWE-29 パストラバーサル (/../filename)	CVE-2025-15036	2026-04-30 12:17	2026-03-30	Show	GitHub Exploit DB Packet Storm

6264	9.8	緊急 Network	lfprojects	mlflow	lfprojectsのmlflowにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2025-15379	2026-04-30 12:17	2026-03-30	Show	GitHub Exploit DB Packet Storm

6265	7.1	重要 Network	lfprojects	mlflow	lfprojectsのmlflowにおける情報漏えいに関する脆弱性	CWE-200 CWE-noinfo	CVE-2025-15381	2026-04-30 12:17	2026-03-27	Show	GitHub Exploit DB Packet Storm

6266	7.5	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおけるメモリ管理ルーチンの不一致に関する脆弱性	CWE-762 メモリ管理ルーチンの不一致	CVE-2025-48431	2026-04-30 12:17	2026-04-28	Show	GitHub Exploit DB Packet Storm

6267	6.5	警告 Adjacent	ジュニパーネットワークス	Junos OS Evolved	ジュニパーネットワークスのJunos OS Evolvedにおける古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2025-59969	2026-04-30 12:17	2026-04-9	Show	GitHub Exploit DB Packet Storm

6268	7.8	重要 Local	huggingface	transformers	huggingfaceのtransformersにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-1839	2026-04-30 12:17	2026-04-7	Show	GitHub Exploit DB Packet Storm

6269	6.1	警告 Network	シスコシステムズ	Cisco Unity Connection	シスコシステムズのCisco Unity Connectionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-20059	2026-04-30 12:17	2026-04-15	Show	GitHub Exploit DB Packet Storm

6270	4.7	警告 Network	シスコシステムズ	Cisco Unity Connection	シスコシステムズのCisco Unity Connectionにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-20060	2026-04-30 12:17	2026-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
358161	-	apple	mac_os_x	Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which al…	NVD-CWE-Other	CVE-2005-1472	2008-09-6 05:49	2005-05-19	Show	GitHub Exploit DB Packet Storm

358162	-	apple	mac_os_x	SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field.	NVD-CWE-Other	CVE-2005-1473	2008-09-6 05:49	2005-06-13	Show	GitHub Exploit DB Packet Storm

358163	-	apple	mac_os_x mac_os_x_server	Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933.	NVD-CWE-Other	CVE-2005-1474	2008-09-6 05:49	2005-06-13	Show	GitHub Exploit DB Packet Storm

358164	-	gnu	mailutils	Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-ma…	NVD-CWE-Other	CVE-2005-1520	2008-09-6 05:49	2005-05-26	Show	GitHub Exploit DB Packet Storm

358165	-	gnu	mailutils	Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message …	NVD-CWE-Other	CVE-2005-1521	2008-09-6 05:49	2005-05-26	Show	GitHub Exploit DB Packet Storm

358166	-	gnu	mailutils	The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETC…	NVD-CWE-Other	CVE-2005-1522	2008-09-6 05:49	2005-05-26	Show	GitHub Exploit DB Packet Storm

358167	-	gnu	mailutils	Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the comm…	NVD-CWE-Other	CVE-2005-1523	2008-09-6 05:49	2005-05-26	Show	GitHub Exploit DB Packet Storm

358168	-	battleaxe_software	bttlxeforum	forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability.	NVD-CWE-Other	CVE-2005-1570	2008-09-6 05:49	2005-05-14	Show	GitHub Exploit DB Packet Storm

358169	-	wenig_and_spitzer-williams	showoff_digital_media_software	Multiple directory traversal vulnerabilities in ShowOff! 1.5.4 allow remote attackers to read arbitrary files via ".." sequences in arguments to the (1) ShowAlbum, (2) ShowVideo, or (3) ShowGraphic s…	NVD-CWE-Other	CVE-2005-1571	2008-09-6 05:49	2005-05-14	Show	GitHub Exploit DB Packet Storm

358170	-	wenig_and_spitzer-williams	showoff_digital_media_software	ShowOff! 1.5.4 allows remote attackers to cause a denial of service (server crash) via a malformed request to port 8083.	NVD-CWE-Other	CVE-2005-1572	2008-09-6 05:49	2005-05-11	Show	GitHub Exploit DB Packet Storm