Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 10:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
6331 6.1 警告
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word の情報漏えいの脆弱性 CWE-125
境界外読み取り 		CVE-2026-33822 2026-05-1 10:47 2026-04-14 Show GitHub Exploit DB Packet Storm
6332 5.2 警告
Physics 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおけるPRNG におけるシードの不正な使用に関する脆弱性 CWE-335
PRNGにおけるシードの不正な使用 		CVE-2026-3503 2026-05-1 10:47 2026-03-19 Show GitHub Exploit DB Packet Storm
6333 9.8 緊急
Network 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおける複数の脆弱性 CWE-122
CWE-787
CWE-787
CVE-2026-3548 2026-05-1 10:47 2026-03-19 Show GitHub Exploit DB Packet Storm
6334 5.9 警告
Network 		VMware Spring AI VMwareのSpring AIにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-40966 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
6335 8.6 重要
Network 		VMware Spring AI VMwareのSpring AIにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-40967 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
6336 7.5 重要
Adjacent 		VMware Spring Boot VMwareのSpring Bootにおけるタイミングの違いに起因する情報漏えいに関する脆弱性 CWE-208
タイミングの違いに起因する情報漏えい 		CVE-2026-40972 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
6337 7 重要
Local 		VMware Spring Boot VMwareのSpring Bootにおける安全でない一時ファイルに関する脆弱性 CWE-377
安全でない一時ファイル 		CVE-2026-40973 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
6338 7.5 重要
Network 		VMware Spring Boot VMwareのSpring Bootにおける不十分なランダム値の使用に関する脆弱性 CWE-330
不十分なランダム値の使用 		CVE-2026-40975 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
6339 9.1 緊急
Network 		VMware Spring Boot VMwareのSpring Bootにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-40976 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
6340 6.7 警告
Local 		VMware Spring Boot VMwareのSpring Bootにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-40977 2026-05-1 10:47 2026-04-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351181 - zonelabs zonealarm ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript. NVD-CWE-Other
CVE-2004-1534 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351182 - phpbb_group phpbb PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to referen… NVD-CWE-Other
CVE-2004-1535 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351183 - ipbproarcade ipbproarcade SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter. NVD-CWE-Other
CVE-2004-1536 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351184 - phpkit phpkit Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary web script via the img parameter. NVD-CWE-Other
CVE-2004-1537 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351185 - phpkit phpkit SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. NVD-CWE-Other
CVE-2004-1538 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351186 - gearbox_software halo_combat_evolved Halo: Combat Evolved 1.05 and earlier allows remote game servers to cause a denial of service (client crash) via a long value in a game server reply, which triggers a NULL dereference. NVD-CWE-Other
CVE-2004-1539 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351187 - zyxel prestige
zynos 		ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers… NVD-CWE-Other
CVE-2004-1540 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351188 - van_dyke_technologies securecrt SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary commands via a telnet:// URL that uses the /F option to specify a configuration file on a samba share. NVD-CWE-Other
CVE-2004-1541 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351189 - raven_software soldier_of_fortune Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (server or client crash) via a long (1) query or (2) reply. NVD-CWE-Other
CVE-2004-1542 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm
351190 - korweblog korweblog Directory traversal vulnerability in viewimg.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the path parameter. NVD-CWE-Other
CVE-2004-1543 2017-07-11 10:31 2004-12-31 Show GitHub Exploit DB Packet Storm