Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2051 5.4 警告
Network 		オラクル Oracle Fusion Middleware オラクルのOracle Fusion Middlewareにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-35232 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
2052 6.4 警告
Network 		オラクル Oracle Fusion Middleware オラクルのOracle Fusion Middlewareにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-35252 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
2053 7.3 重要
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-35338 2026-04-28 10:13 2026-04-22 Show GitHub Exploit DB Packet Storm
2054 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるUnicode エンコーディングの処理に関する脆弱性 CWE-176
Unicode エンコーディングの不適切な処理 		CVE-2026-35346 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2055 4.4 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-35347 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2056 7.7 重要
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-35349 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2057 4.2 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるパーミッションの不適切な保持に関する脆弱性 CWE-281
パーミッションの不適切な保持 		CVE-2026-35351 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2058 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35353 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2059 6.3 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35355 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2060 6.3 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35356 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313941 9.8 CRITICAL
Network 		- - The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for WordPress is vulnerable to authentication bypass in versions 1.1.6 to 1.1.7. This is due to the plugin n… - CVE-2024-7350 2024-08-8 12:15 2024-08-8 Show GitHub Exploit DB Packet Storm
313942 - apache http_server The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated … NVD-CWE-Other
CVE-2003-1307 2024-08-8 12:15 2003-12-31 Show GitHub Exploit DB Packet Storm
313943 8.8 HIGH
Network 		- - The The Next theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the wpeden_post_meta post meta value. Th… - CVE-2024-7561 2024-08-8 11:15 2024-08-8 Show GitHub Exploit DB Packet Storm
313944 7.2 HIGH
Network 		- - The News Flash theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the newsflash_post_meta meta value. Th… - CVE-2024-7560 2024-08-8 11:15 2024-08-8 Show GitHub Exploit DB Packet Storm
313945 8.8 HIGH
Network 		- - The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.0 via deserialization of untrusted input through the 'wpeden_post_meta' post meta.… - CVE-2024-7486 2024-08-8 11:15 2024-08-8 Show GitHub Exploit DB Packet Storm
313946 8.5 HIGH
Network 		- - An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-38206 2024-08-8 11:15 2024-08-7 Show GitHub Exploit DB Packet Storm
313947 8.2 HIGH
Network 		- - An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link. CWE-79
Cross-site Scripting 		CVE-2024-38166 2024-08-8 11:15 2024-08-7 Show GitHub Exploit DB Packet Storm
313948 - - - Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when… NVD-CWE-Other
CVE-2004-2238 2024-08-8 11:15 2004-12-31 Show GitHub Exploit DB Packet Storm
313949 - gnu less Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings … NVD-CWE-Other
CVE-2004-2264 2024-08-8 11:15 2004-12-31 Show GitHub Exploit DB Packet Storm
313950 - microsoft windows_2000
windows_2003_server
windows_xp 		Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl f… NVD-CWE-Other
CVE-2004-2339 2024-08-8 11:15 2004-12-31 Show GitHub Exploit DB Packet Storm