Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
11 6.3 警告
Network 		libssh
レッドハット		 Red Hat OpenShift Container Platform
Red Hat Enterprise Linux
libssh
Red Hat Hardened Images 		libssh等の複数ベンダの製品におけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-0964 2026-05-1 10:49 2026-03-26 Show GitHub Exploit DB Packet Storm
12 8.2 重要
Network 		libssh
レッドハット		 Red Hat OpenShift Container Platform
Red Hat Enterprise Linux
libssh
Red Hat Hardened Images 		libssh等の複数ベンダの製品におけるバッファアンダーフローの脆弱性 New CWE-124
バッファアンダーフロー 		CVE-2026-0966 2026-05-1 10:49 2026-03-26 Show GitHub Exploit DB Packet Storm
13 5.3 警告
Network 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおける整数アンダーフローの脆弱性 New CWE-191
整数アンダーフロー 		CVE-2026-1005 2026-05-1 10:49 2026-03-19 Show GitHub Exploit DB Packet Storm
14 7.8 重要
Local 		マイクロソフト Microsoft 365 Apps
Office Long Term Servicing Channel (LTSC) 		Microsoft Word のリモートでコードが実行される脆弱性 New CWE-416
解放済みメモリの使用 		CVE-2026-23657 2026-05-1 10:49 2026-04-14 Show GitHub Exploit DB Packet Storm
15 7.5 重要
Network 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおけるセキュリティチェックに関する脆弱性 New CWE-358
不適切に実装されたセキュリティチェック 		CVE-2026-2645 2026-05-1 10:48 2026-03-19 Show GitHub Exploit DB Packet Storm
16 8.1 重要
Network 		wolfSSL Inc. wolfSSL wolfSSL Inc.のwolfSSLにおける複数の脆弱性 New CWE-122
CWE-787
CVE-2026-2646 2026-05-1 10:48 2026-03-19 Show GitHub Exploit DB Packet Storm
17 7.5 重要
Network 		Linux Linux Kernel LinuxのLinux Kernelにおけるリソースのロックに関する脆弱性 New CWE-667
不適切なロック 		CVE-2026-31598 2026-05-1 10:48 2026-04-24 Show GitHub Exploit DB Packet Storm
18 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス 		CVE-2026-31599 2026-05-1 10:48 2026-04-24 Show GitHub Exploit DB Packet Storm
19 7.5 重要
Network 		Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 New CWE-476
NULL ポインタデリファレンス 		CVE-2026-31600 2026-05-1 10:48 2026-04-24 Show GitHub Exploit DB Packet Storm
20 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 New CWE-noinfo
情報不足 		CVE-2026-31601 2026-05-1 10:48 2026-04-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313621 9.8 CRITICAL
Network 		lightwavemo consoleserver_3200_firmware Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which could allow remote attackers to conduct brute force password guessing. CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2001-0395 2024-02-9 12:14 2001-07-2 Show GitHub Exploit DB Packet Storm
313622 9.8 CRITICAL
Network 		archilles newsworld admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtaining the password hash for another user, for example through another Newsworld vulnerability, and s… CWE-522
 Insufficiently Protected Credentials 		CVE-2005-3435 2024-02-9 12:13 2005-11-2 Show GitHub Exploit DB Packet Storm
313623 7.5 HIGH
Network 		openssl
canonical 		openssl
ubuntu_linux 		The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certi… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2005-2946 2024-02-9 12:13 2005-09-17 Show GitHub Exploit DB Packet Storm
313624 - armagetronad armagetron_advanced
armagetron 		Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to cause a denial of service (application crash) via a packet with a large (1) descriptor ID or (2) clai… CWE-129
 Improper Validation of Array Index 		CVE-2005-0369 2024-02-9 12:13 2005-05-2 Show GitHub Exploit DB Packet Storm
313625 9.8 CRITICAL
Network 		citrusdb citrusdb CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the id_hash cookie, which allows remote attackers to bypass authentication and gain privileges by calculating t… CWE-916
 Use of Password Hash With Insufficient Computational Effort 		CVE-2005-0408 2024-02-9 12:13 2005-02-14 Show GitHub Exploit DB Packet Storm
313626 7.5 HIGH
Network 		teekai tracking_online TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 has… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2002-2058 2024-02-9 12:13 2002-12-31 Show GitHub Exploit DB Packet Storm
313627 7.5 HIGH
Network 		postgresql postgresql PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. CWE-916
 Use of Password Hash With Insufficient Computational Effort 		CVE-2002-1657 2024-02-9 12:06 2002-12-31 Show GitHub Exploit DB Packet Storm
313628 5.5 MEDIUM
Local 		busybox
avaya 		busybox
message_networking
aura_sip_enablement_services
aura_application_enablement_services
messaging_storage_server 		BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables. CWE-916
 Use of Password Hash With Insufficient Computational Effort 		CVE-2006-1058 2024-02-9 12:05 2006-04-4 Show GitHub Exploit DB Packet Storm
313629 6.1 MEDIUM
Network 		freescripts visitorbook_le FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site script… CWE-346
 Origin Validation Error 		CVE-2003-0981 2024-02-9 11:53 2004-01-5 Show GitHub Exploit DB Packet Storm
313630 7.5 HIGH
Network 		6tunnel_project 6tunnel 6tunnel 0.08 and earlier does not properly close sockets that were initiated by a client, which allows remote attackers to cause a denial of service (resource exhaustion) by repeatedly connecting to … CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2001-0830 2024-02-9 11:52 2001-12-6 Show GitHub Exploit DB Packet Storm