Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1531 6.1 警告
Network 		アドビシステムズ Adobe Connect
Adobe Connect Desktop Application 		アドビのAdobe Connect等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-21331 2026-04-24 11:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1532 5.4 警告
Network 		オラクル PeopleSoft Enterprise HCM Shared Components オラクルのPeoplesoft Enterprise Hcm Shared Componentsにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-22019 2026-04-24 11:38 2026-04-21 Show GitHub Exploit DB Packet Storm
1533 6.1 警告
Adjacent 		Schneider Electric PowerChute Serial Shutdown Schneider Electric のPowerChute Serial Shutdownにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-2399 2026-04-24 11:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1534 4.3 警告
Network 		Schneider Electric PowerChute Serial Shutdown Schneider Electric のPowerChute Serial ShutdownにおけるCRLF インジェクションの脆弱性 CWE-93
CRLF インジェクション 		CVE-2026-2400 2026-04-24 11:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1535 5 警告
Local 		Schneider Electric PowerChute Serial Shutdown Schneider Electric のPowerChute Serial Shutdownにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-2401 2026-04-24 11:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1536 5.3 警告
Network 		Schneider Electric PowerChute Serial Shutdown Schneider Electric のPowerChute Serial Shutdownにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2026-2402 2026-04-24 11:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1537 4.3 警告
Network 		Schneider Electric PowerChute Serial Shutdown Schneider Electric のPowerChute Serial Shutdownにおける入力で指定された数量の不適切な検証に関する脆弱性 CWE-1284
入力で指定された数量の不適切な検証 		CVE-2026-2403 2026-04-24 11:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1538 5.3 警告
Network 		Schneider Electric PowerChute Serial Shutdown Schneider Electric のPowerChute Serial Shutdownにおけるエンコードおよびエスケープに関する脆弱性 CWE-116
不適切なエンコード、または出力のエスケープ 		CVE-2026-2404 2026-04-24 11:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1539 6.5 警告
Network 		Schneider Electric PowerChute Serial Shutdown Schneider Electric のPowerChute Serial Shutdownにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-2405 2026-04-24 11:38 2026-04-14 Show GitHub Exploit DB Packet Storm
1540 9.8 緊急
Network 		OpenAEV OpenAEV OpenAEVにおけるパスワード管理機能に関する脆弱性 CWE-640
パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み 		CVE-2026-24467 2026-04-24 11:38 2026-04-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314231 6.1 MEDIUM
Network 		cacti cacti Reflected Cross Site Scripting (XSS) vulnerability in Cacti v1.2.25, allows remote attackers to escalate privileges when uploading an xml template file via templates_import.php. CWE-79
Cross-site Scripting 		CVE-2023-50569 2023-12-29 15:23 2023-12-22 Show GitHub Exploit DB Packet Storm
314232 - postnuke postnuke The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive information via a direct request to simple_smarty.php, which reveals the path in an error message. CWE-425
 Direct Request ('Forced Browsing') 		CVE-2005-1697 2023-12-29 04:27 2005-05-24 Show GitHub Exploit DB Packet Storm
314233 - wordpress wordpress Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in… CWE-425
 Direct Request ('Forced Browsing') 		CVE-2005-1688 2023-12-29 04:27 2005-05-20 Show GitHub Exploit DB Packet Storm
314234 7.5 HIGH
Network 		cisco
symantec
hp
avaya
redhat
freebsd
openbsd
apple
sco
4d
checkpoint
dell
lite
neoteris
novell
openssl
sgi
stonesoft
tarantella
vmware
bluecoat
securecomputing
sun 		firewall_services_module
clientless_vpn_gateway_4400
apache-based_web_server
aaa_server
sg203
hp-ux
enterprise_linux_desktop
ciscoworks_common_management_foundation
freebsd 		The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null… CWE-476
 NULL Pointer Dereference 		CVE-2004-0079 2023-12-29 00:33 2004-11-23 Show GitHub Exploit DB Packet Storm
314235 7.5 HIGH
Network 		veritas backup_exec VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 through 9.1.307 for Netware, allows remote attackers to cause a denial of service (Remote Agent crash) via (1) a crafted packet … CWE-476
 NULL Pointer Dereference 		CVE-2005-0772 2023-12-29 00:29 2005-06-28 Show GitHub Exploit DB Packet Storm
314236 7.5 HIGH
Network 		skystream emr5000 SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer excepti… CWE-476
 NULL Pointer Dereference 		CVE-2002-1912 2023-12-29 00:29 2002-12-31 Show GitHub Exploit DB Packet Storm
314237 - - - Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. - CVE-2023-45251 2023-12-27 03:15 2023-12-27 Show GitHub Exploit DB Packet Storm
314238 - - - Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. - CVE-2023-43851 2023-12-27 03:15 2023-12-27 Show GitHub Exploit DB Packet Storm
314239 9.8 CRITICAL
Network 		- - Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-36189. Reason: This record is a duplicate of CVE-2023-36189. Notes: All CVE users should reference CVE-2023-36189 instead of this rec… - CVE-2023-32785 2023-12-27 03:15 2023-10-21 Show GitHub Exploit DB Packet Storm
314240 - gnu binutils Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (appl… CWE-787
 Out-of-bounds Write 		CVE-2006-2362 2023-12-23 02:15 2006-05-16 Show GitHub Exploit DB Packet Storm