Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2011 6.5 警告
Network 		lfprojects mlflow lfprojectsのmlflowにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-3198 2026-06-5 10:47 2026-06-2 Show GitHub Exploit DB Packet Storm
2012 5.4 警告
Network 		Shopify React Router ShopifyのReact Routerにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-33244 2026-06-5 10:47 2026-06-2 Show GitHub Exploit DB Packet Storm
2013 6.1 警告
Network 		- SAPのSAP Netweaver Application Server ABAPにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-34257 2026-06-5 10:47 2026-04-14 Show GitHub Exploit DB Packet Storm
2014 7.5 重要
Network 		prefect prefect Prefect Technologies, Inc.のPrefectにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-3514 2026-06-5 10:47 2026-06-2 Show GitHub Exploit DB Packet Storm
2015 7.9 重要
Network 		オラクル REST Data Services オラクルのREST Data Servicesにおける複数の脆弱性 CWE-352
CWE-400
CVE-2026-35266 2026-06-5 10:47 2026-05-28 Show GitHub Exploit DB Packet Storm
2016 8.1 重要
Network 		オラクル REST Data Services オラクルのREST Data Servicesにおける複数の脆弱性 CWE-284
CWE-400
CVE-2026-35277 2026-06-5 10:47 2026-05-28 Show GitHub Exploit DB Packet Storm
2017 6.3 警告
Network 		VIVOTEK Inc. Network Camera FD8136 ファームウェア VIVOTEK Inc.のNetwork Camera FD8136 ファームウェアにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-35716 2026-06-5 10:47 2026-06-2 Show GitHub Exploit DB Packet Storm
2018 6.3 警告
Network 		VIVOTEK Inc. Network Camera FD8136 ファームウェア VIVOTEK Inc.のNetwork Camera FD8136 ファームウェアにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-35717 2026-06-5 10:47 2026-06-2 Show GitHub Exploit DB Packet Storm
2019 6.5 警告
Network 		VIVOTEK Inc. Network Camera FD8136 ファームウェア VIVOTEK Inc.のNetwork Camera FD8136 ファームウェアにおけるパストラバーサルの脆弱性 CWE-22
CWE-22
CVE-2026-35718 2026-06-5 10:47 2026-06-2 Show GitHub Exploit DB Packet Storm
2020 8.6 重要
Network 		OpenAirInterface Software Alliance OpenAirInterface 5G OpenAirInterface Software AllianceのOpenAirInterface 5Gにおけるゼロ除算に関する脆弱性 CWE-369
ゼロ除算 		CVE-2026-37232 2026-06-5 10:47 2026-06-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
310881 9.8 CRITICAL
Network 		apache_authenhook_project apache_authenhook libapache-authenhook-perl 2.00-04 stores usernames and passwords in plaintext in the vhost error log. CWE-200
Information Exposure 		CVE-2010-3845 2024-11-21 10:19 2017-08-9 Show GitHub Exploit DB Packet Storm
310882 - ffmpeg
mplayerhq 		ffmpeg
mplayer 		FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a mal… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3908 2024-11-21 10:19 2011-05-21 Show GitHub Exploit DB Packet Storm
310883 - microsoft windows_server_2008
windows_xp
windows_7
windows_vista
windows_server_2003
windows_2003_server 		fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold an… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3974 2024-11-21 10:19 2011-04-14 Show GitHub Exploit DB Packet Storm
310884 - microsoft .net_framework The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via (1) a crafted X… CWE-20
 Improper Input Validation  		CVE-2010-3958 2024-11-21 10:19 2011-04-14 Show GitHub Exploit DB Packet Storm
310885 - horde groupware
dynamic_imp 		Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) before 1.1.5, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via… CWE-79
Cross-site Scripting 		CVE-2010-3693 2024-11-21 10:19 2011-04-4 Show GitHub Exploit DB Packet Storm
310886 - horde imp
groupware 		Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or H… CWE-79
Cross-site Scripting 		CVE-2010-3695 2024-11-21 10:19 2011-04-1 Show GitHub Exploit DB Packet Storm
310887 - openslp
vmware 		openslp
esxi
esx 		The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.… NVD-CWE-noinfo
CVE-2010-3609 2024-11-21 10:19 2011-03-12 Show GitHub Exploit DB Packet Storm
310888 - apache tomcat Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write … NVD-CWE-Other
CVE-2010-3718 2024-11-21 10:19 2011-02-11 Show GitHub Exploit DB Packet Storm
310889 - modxcms evolution Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to read arbitrary files via unspecified vectors related to AjaxSearch, a different vulnerability than CVE… CWE-22
Path Traversal 		CVE-2010-3930 2024-11-21 10:19 2011-02-2 Show GitHub Exploit DB Packet Storm
310890 - modxcms evolution SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch. CWE-89
SQL Injection 		CVE-2010-3929 2024-11-21 10:19 2011-02-2 Show GitHub Exploit DB Packet Storm