Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1081 6.1 警告
Network 		オラクル Oracle Identity Manager オラクルのOracle Identity Managerにおける複数の脆弱性 CWE-284
CWE-601
CVE-2026-34283 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
1082 6.1 警告
Network 		オラクル Oracle Business Process Management Suite オラクルのOracle Business Process Management Suiteにおける複数の脆弱性 CWE-284
CWE-601
CVE-2026-34284 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
1083 8.7 重要
Network 		オラクル Oracle HTTP Server オラクルのOracle HTTP Serverにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-34291 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
1084 7.2 重要
Network 		オラクル Oracle WebLogic Server オラクルのOracle WebLogic Serverにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-34292 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
1085 6.5 警告
Network 		オラクル PeopleSoft Enterprise SCM Purchasing オラクルのPeopleSoft Enterprise SCM Purchasingにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-34295 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
1086 4.3 警告
Network 		オラクル Oracle Agile Product Lifecycle Management for Process オラクルのOracle Agile Product Lifecycle Management for Processにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-34296 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
1087 7.5 重要
Network 		オラクル Oracle HCM Common Architecture オラクルのOracle HCM Common Architectureにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-34297 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
1088 6.5 警告
Network 		オラクル Oracle Financial Services Analytical Applications Infrastructure オラクルのOracle Financial Services Analytical Applications Infrastructureにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-34313 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
1089 6.8 警告
Network 		オラクル Oracle Financial Services Analytical Applications Infrastructure オラクルのOracle Financial Services Analytical Applications Infrastructureにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-34314 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
1090 4.8 警告
Network 		オラクル Oracle Financial Services Analytical Applications Infrastructure オラクルのOracle Financial Services Analytical Applications Infrastructureにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-34321 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313891 - georgecurrums open_guestbook Cross-site scripting (XSS) vulnerability in header.php in Open Guestbook 0.5 allows remote attackers to inject arbitrary web script or HTML via the title parameter. CWE-79
Cross-site Scripting 		CVE-2006-3295 2024-02-9 12:26 2006-06-29 Show GitHub Exploit DB Packet Storm
313892 - sun
oracle 		jsse
java_web_start
jre 		X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01, (2) JSSE before 1.0.3, (3) Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and (4) Java Web Start 1.0 … CWE-295
Improper Certificate Validation  		CVE-2003-1229 2024-02-9 12:26 2003-12-31 Show GitHub Exploit DB Packet Storm
313893 - rtfm ssldump Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value. CWE-787
 Out-of-bounds Write 		CVE-2002-2227 2024-02-9 12:26 2002-12-31 Show GitHub Exploit DB Packet Storm
313894 - microsoft windows_xp
windows_2000
windows_98
windows_me
windows_98se
windows_nt
internet_explorer
office
outlook_express 		The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Ma… CWE-295
Improper Certificate Validation  		CVE-2002-0862 2024-02-9 12:26 2002-10-4 Show GitHub Exploit DB Packet Storm
313895 - cjguestbook_project cjguestbook Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject Javascript code via a javascript URI in an img bbcode tag in the comments paramet… CWE-79
Cross-site Scripting 		CVE-2006-3211 2024-02-9 12:21 2006-06-24 Show GitHub Exploit DB Packet Storm
313896 - fantastic_guestbook_project fantastic_guestbook Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Fantastic Guestbook 2.0.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the… CWE-79
Cross-site Scripting 		CVE-2006-3568 2024-02-9 12:20 2006-07-13 Show GitHub Exploit DB Packet Storm
313897 - aol aim Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument. CWE-120
Classic Buffer Overflow 		CVE-2000-1094 2024-02-9 12:20 2001-01-9 Show GitHub Exploit DB Packet Storm
313898 - sendmail
netbsd
hp
windriver
sun
gentoo
oracle 		sendmail
netbsd
hp-ux
bsdos
sunos
linux
solaris
alphaserver_sc
platform_sa 		Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the … CWE-120
Classic Buffer Overflow 		CVE-2002-1337 2024-02-9 12:19 2003-03-7 Show GitHub Exploit DB Packet Storm
313899 - bsdi
sun
hp
oracle
debian
ibm
freebsd
netbsd
digital
next 		bsd_os
sunos
hp-ux
solaris
debian_linux
aix
freebsd
netbsd
ultrix
nextstep 		Buffer overflow of rlogin program using TERM environmental variable. CWE-120
Classic Buffer Overflow 		CVE-1999-0046 2024-02-9 12:19 1997-02-6 Show GitHub Exploit DB Packet Storm
313900 - terascript wintango_application_server Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference. CWE-120
Classic Buffer Overflow 		CVE-2003-0595 2024-02-9 12:18 2003-08-27 Show GitHub Exploit DB Packet Storm