Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
881 5.5 警告
Local 		OpenImageIO (OIIO) OpenImageIO (OIIO) OpenImageIO (OIIO)における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-43996 2026-05-18 11:22 2026-05-14 Show GitHub Exploit DB Packet Storm
882 6.5 警告
Network 		Shellhub Shellhub Shellhubにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-44423 2026-05-18 11:22 2026-05-13 Show GitHub Exploit DB Packet Storm
883 4.7 警告
Network 		lfprojects MCP Registry lfprojectsのMCP Registryにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-44428 2026-05-18 11:22 2026-05-14 Show GitHub Exploit DB Packet Storm
884 5.4 警告
Network 		lfprojects MCP Registry lfprojectsのMCP Registryにおける複数の脆弱性 CWE-116
CWE-79
CVE-2026-44429 2026-05-18 11:22 2026-05-14 Show GitHub Exploit DB Packet Storm
885 4 警告
Network 		lfprojects MCP Registry lfprojectsのMCP Registryにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-44430 2026-05-18 11:22 2026-05-14 Show GitHub Exploit DB Packet Storm
886 7.2 重要
Network 		Ivanti Ivanti Virtual Traffic Manager (vTM) IvantiのIvanti Virtual Traffic Manager (vTM)におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-8051 2026-05-18 11:22 2026-05-12 Show GitHub Exploit DB Packet Storm
887 5.4 警告
Network 		Bitwarden Server BitwardenのServerにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-43638 2026-05-18 11:22 2026-05-11 Show GitHub Exploit DB Packet Storm
888 9.1 緊急
Network 		Bitwarden Server BitwardenのServerにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-43639 2026-05-18 11:22 2026-05-11 Show GitHub Exploit DB Packet Storm
889 8.1 重要
Network 		Bitwarden Server BitwardenのServerにおける認証アルゴリズムの不適切な実装に関する脆弱性 CWE-303
認証アルゴリズム上の問題 		CVE-2026-43640 2026-05-18 11:21 2026-05-11 Show GitHub Exploit DB Packet Storm
890 8.8 重要
Adjacent 		エレコム株式会社
ロジテック株式会社		 WAB-S1775
WSC-X1800GS-B
WRC-X6000QS-G
WMC-2LX2-B
WRC-X3000GS3-B
LAN-WH300ANDGPE
WRC-1900GHBK-A
WRC-1900GHBK-S
WRC-X1800GSH-B
LAN-WH300N/DR
WRC-1750GHBK2-I
WRC-600GHBK… 		エレコム製およびロジテック製ネットワーク機器における複数の脆弱性 CWE-120
CWE-284
CWE-78
CWE-912
CVE-2023-32626
CVE-2023-35991
CVE-2023-38132
CVE-2023-38576
CVE-2023-39445
CVE-2023-39454
CVE-2023-39455
CVE-2023-39944
CVE-2023-40069
CVE-2023-40072 		2026-05-15 19:26 2023-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346041 - crystal_art_software crystal_ftp Buffer overflow in Crystal FTP Client 2.8 allows remote malicious servers to execute arbitrary code via a response to a LIST command that contains a file name with a long extension. NVD-CWE-Other
CVE-2004-1327 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
346042 - ibm aix Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. NVD-CWE-Other
CVE-2004-1330 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
346043 - debian
gentoo 		tetex-bin
linux 		The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. NVD-CWE-Other
CVE-2004-1336 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
346044 - gnu
conectiva
ubuntu 		realtime_linux_security_module
linux
ubuntu_linux 		The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to g… NVD-CWE-Other
CVE-2004-1337 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
346045 - oracle database_server
oracle9i 		The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXEC_CBK_FN_DML to add arbitrary functions to the … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2004-1338 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
346046 - oracle database_server
oracle9i 		SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the … CWE-89
SQL Injection 		CVE-2004-1339 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
346047 - debian debian_linux Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information. NVD-CWE-Other
CVE-2004-1340 2017-07-11 10:30 2005-01-26 Show GitHub Exploit DB Packet Storm
346048 - roar_smith info2www Cross-site scripting (XSS) vulnerability in info2www before 1.2.2.9 allows remote attackers to inject arbitrary web script or HTML via the arguments to info2www. NVD-CWE-Other
CVE-2004-1341 2017-07-11 10:30 2005-04-19 Show GitHub Exploit DB Packet Storm
346049 - sun java_system_web_proxy_server Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 through 3.6 SP4 allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNEC… NVD-CWE-Other
CVE-2004-1350 2017-07-11 10:30 2004-10-30 Show GitHub Exploit DB Packet Storm
346050 - oracle application_server
collaboration_suite
e-business_suite
enterprise_manager
enterprise_manager_database_control
enterprise_manager_grid_control
oracle10g
oracle8i
oracle9i 		The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attacker… NVD-CWE-Other
CVE-2004-1362 2017-07-11 10:30 2004-08-4 Show GitHub Exploit DB Packet Storm