Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1211	7.1	重要 Network	OpenProject	OpenProject	OpenProjectにおける複数の脆弱性	CWE-367 CWE-639	CVE-2026-40896	2026-04-24 11:41	2026-04-20	Show	GitHub Exploit DB Packet Storm

1212	7.1	重要 Network	WWBN	AVideo	WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-40926	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

1213	9.9	緊急 Network	flowiseai	flowise	flowiseaiのflowiseにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-40933	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

1214	9.8	緊急 Network	protobufjs project	protobufjs	protobufjs projectのprotobufjsにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41242	2026-04-24 11:41	2026-04-18	Show	GitHub Exploit DB Packet Storm

1215	7.5	重要 Network	Junrar project	Junrar	Junrar projectのJunrarにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-41245	2026-04-24 11:41	2026-04-20	Show	GitHub Exploit DB Packet Storm

1216	7.5	重要 Network	projectdiscovery	nuclei	ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41282	2026-04-24 11:41	2026-04-20	Show	GitHub Exploit DB Packet Storm

1217	7.1	重要 Local	オートデスク株式会社	Autodesk Fusion	オートデスク株式会社のAutodesk Fusionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4344	2026-04-24 11:41	2026-04-14	Show	GitHub Exploit DB Packet Storm

1218	7.1	重要 Local	オートデスク株式会社	Autodesk Fusion	オートデスク株式会社のAutodesk Fusionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4345	2026-04-24 11:41	2026-04-14	Show	GitHub Exploit DB Packet Storm

1219	7.1	重要 Local	オートデスク株式会社	Autodesk Fusion	オートデスク株式会社のAutodesk Fusionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4369	2026-04-24 11:41	2026-04-14	Show	GitHub Exploit DB Packet Storm

1220	5.5	警告 Local	GNU Project レッドハット	GNU tar Red Hat Hardened Images Red Hat Enterprise Linux	GNU Project等の複数ベンダの製品における危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-5704	2026-04-24 11:40	2026-04-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348301	-	ibm	tivoli_management_framework	Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via …	NVD-CWE-Other	CVE-2002-1011	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348302	-	ibm	tivoli_management_framework	Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET …	NVD-CWE-Other	CVE-2002-1012	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348303	-	inktomi	media-ixt traffic_edge traffic_server	Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 through 5.2.2, Traffic Edge 1.1.2 and 1.5.0, and Media-IXT 3.0.4 allows local users to gain root privileges via a long -path argum…	NVD-CWE-Other	CVE-2002-1013	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348304	-	realnetworks	realjukebox_2 realjukebox_2_plus realone_player	Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long val…	NVD-CWE-Other	CVE-2002-1014	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348305	-	realnetworks	realjukebox_2 realjukebox_2_plus realone_player	RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini fil…	NVD-CWE-Other	CVE-2002-1015	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348306	-	adobe	digital_editions	Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files.	NVD-CWE-Other	CVE-2002-1016	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348307	-	adobe	digital_editions	Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the a…	NVD-CWE-Other	CVE-2002-1017	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348308	-	working_resources_inc.	badblue	BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.	NVD-CWE-Other	CVE-2002-1021	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348309	-	working_resources_inc.	badblue	BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges.	NVD-CWE-Other	CVE-2002-1022	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm

348310	-	working_resources_inc.	badblue	BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI.	NVD-CWE-Other	CVE-2002-1023	2008-09-6 05:29	2002-10-4	Show	GitHub Exploit DB Packet Storm