Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 23, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
6601	7.5	重要 Network	オラクル	Java VM	オラクルのJava VMにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35229	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

6602	4.4	警告 Local	オラクル	Oracle Linux	オラクルのOracle Linuxにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-35233	2026-05-7 10:51	2026-05-1	Show	GitHub Exploit DB Packet Storm

6603	5.2	警告 Network	オラクル	Hyperion Infrastructure Technology	オラクルのHyperion Infrastructure Technologyにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35244	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

6604	9.1	緊急 Network	Volcengine	OpenViking	VolcengineのOpenVikingにおける安全でない失敗処理に関する脆弱性	CWE-636 安全でない失敗処理	CVE-2026-40525	2026-05-7 10:51	2026-04-17	Show	GitHub Exploit DB Packet Storm

6605	7.1	重要 Network	Apache Software Foundation	Apache Atlas	Apache Software FoundationのApache Atlasにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-40563	2026-05-7 10:51	2026-05-4	Show	GitHub Exploit DB Packet Storm

6606	8.8	重要 Adjacent	Espressif Systems	ESP32 Arduino	Espressif SystemsのESP32 Arduinoにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-121 スタックオーバーフロー	CVE-2026-41429	2026-05-7 10:51	2026-04-24	Show	GitHub Exploit DB Packet Storm

6607	9	緊急 Network	Jenkins プロジェクト	GitHub	JenkinsのGitHubにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42523	2026-05-7 10:51	2026-04-29	Show	GitHub Exploit DB Packet Storm

6608	8	重要 Network	Jenkins プロジェクト	HTML Publisher Plugin	JenkinsのHTML Publisher Pluginにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-42524	2026-05-7 10:51	2026-04-29	Show	GitHub Exploit DB Packet Storm

6609	4.3	警告 Network	Jenkins プロジェクト	Azure AD	JenkinsのAzure ADにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-42525	2026-05-7 10:51	2026-04-29	Show	GitHub Exploit DB Packet Storm

6610	8.8	重要 Adjacent	TP-LINK Technologies	TL-WR841N ファームウェア	TP-LINK TechnologiesのTL-WR841N ファームウェアにおけるデフォルトの暗号鍵の使用に関する脆弱性	CWE-1394 デフォルトの暗号鍵の使用	CVE-2026-5039	2026-05-7 10:51	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
356781	-	mozilla	bugzilla	Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote attackers to cause a denial of service or execute certain queries via a SQL injection attack on the sort order parameter to bugl…	NVD-CWE-Other	CVE-2002-0811	2008-09-11 04:12	2002-08-12	Show	GitHub Exploit DB Packet Storm

356782	-	mozilla	bugzilla	Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user comment via an HTTP request to process_bug.cgi using the "who" parameter, instead of the Bugzilla_login cookie, or (2) post a bug as…	NVD-CWE-Other	CVE-2002-0008	2008-09-11 04:11	2002-01-31	Show	GitHub Exploit DB Packet Storm

356783	-	mozilla	bugzilla	show_bug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pul…	NVD-CWE-Other	CVE-2002-0009	2008-09-11 04:11	2002-01-31	Show	GitHub Exploit DB Packet Storm

356784	-	mozilla	bugzilla	Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL code and create files or gain privileges via (1) the sql parameter in buglist.cgi, (2) invalid field names from the "boolean cha…	NVD-CWE-Other	CVE-2002-0010	2008-09-11 04:11	2002-01-31	Show	GitHub Exploit DB Packet Storm

356785	-	mozilla	bugzilla	Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may allow remote attackers to more easily conduct attacks on the login.	NVD-CWE-Other	CVE-2002-0011	2008-09-11 04:11	2002-01-31	Show	GitHub Exploit DB Packet Storm

356786	-	isc astaro	bind security_linux	Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DN…	NVD-CWE-Other	CVE-2002-0029	2008-09-11 04:11	2002-11-29	Show	GitHub Exploit DB Packet Storm

356787	-	adobe	acrobat acrobat_reader	The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by…	NVD-CWE-Other	CVE-2002-0030	2008-09-11 04:11	2003-04-2	Show	GitHub Exploit DB Packet Storm

356788	-	bindview funk_software	netrc funk_software_proxy	Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system.	NVD-CWE-Other	CVE-2002-0064	2008-09-11 04:11	2002-04-22	Show	GitHub Exploit DB Packet Storm

356789	-	bindview funk_software	netrc funk_software_proxy	Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry.	NVD-CWE-Other	CVE-2002-0065	2008-09-11 04:11	2002-04-22	Show	GitHub Exploit DB Packet Storm

356790	-	bindview funk_software	netrc funk_software_proxy	Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use …	NVD-CWE-Other	CVE-2002-0066	2008-09-11 04:11	2002-04-22	Show	GitHub Exploit DB Packet Storm