Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2101 7.5 重要
Network 		EMQX nanomq EMQXのnanomqにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-32135 2026-04-24 11:31 2026-04-20 Show GitHub Exploit DB Packet Storm
2102 7.4 重要
Local 		マイクロソフト Microsoft Windows Server 2019
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows 11 23h2
Microsoft … 		Windows UPnP デバイス ホストのリモートでコードが実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-32156 2026-04-24 11:31 2026-04-14 Show GitHub Exploit DB Packet Storm
2103 7.5 重要
Network 		jqlang jq jqlangのjqにおける複数の脆弱性 CWE-122
CWE-190
CVE-2026-32316 2026-04-24 11:31 2026-04-13 Show GitHub Exploit DB Packet Storm
2104 8.1 重要
Network 		nginxui nginx ui Nginx UI TeamのNginx UIにおける複数の脆弱性 CWE-284
CWE-863
CVE-2026-33031 2026-04-24 11:31 2026-04-20 Show GitHub Exploit DB Packet Storm
2105 4.3 警告
Network 		Docmost Docmost Docmostにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-33146 2026-04-24 11:30 2026-04-14 Show GitHub Exploit DB Packet Storm
2106 8.1 重要
Network 		tandoor recipes tandoorのrecipesにおけるHTTP ヘッダのスクリプト構文の不適切な無効化に関する脆弱性 CWE-644
HTTP ヘッダのスクリプト構文の不適切な無効化 		CVE-2026-33149 2026-04-24 11:30 2026-03-26 Show GitHub Exploit DB Packet Storm
2107 4.6 警告
Network 		Docmost Docmost Docmostにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-33193 2026-04-24 11:30 2026-04-14 Show GitHub Exploit DB Packet Storm
2108 6.5 警告
Network 		Elasticsearch B.V. Kibana Elasticsearch B.V.のKibanaにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-33461 2026-04-24 11:30 2026-04-8 Show GitHub Exploit DB Packet Storm
2109 4.8 警告
Network 		cryptomator cryptomator cryptomatorにおける複数の脆弱性 CWE-305
CWE-319
CVE-2026-33472 2026-04-24 11:30 2026-04-16 Show GitHub Exploit DB Packet Storm
2110 5.5 警告
Network 		Pinchtab PinchTab PinchtabのPinchTabにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-33619 2026-04-24 11:30 2026-03-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314531 - appindex mwchat PHP remote file inclusion vulnerability in start_lobby.php in MWChat 6.x allows remote attackers to execute arbitrary PHP code via the CONFIG[MWCHAT_Libs] parameter. NVD-CWE-Other
CVE-2005-1869 2024-02-14 10:17 2005-06-7 Show GitHub Exploit DB Packet Storm
314532 - wwweb_concepts events_system SQL injection vulnerability in login.asp for WWWeb Concepts Events System 1.0 allows remote attackers to execute arbitrary SQL commands via the password. NVD-CWE-Other
CVE-2005-1910 2024-02-14 10:17 2005-06-5 Show GitHub Exploit DB Packet Storm
314533 - livingmailing livingmailing SQL injection vulnerability in login.asp in livingmailing 1.3 allows remote attackers to execute arbitrary SQL commands via the password. NOTE: there is little public information about this product a… NVD-CWE-Other
CVE-2005-1906 2024-02-14 10:17 2005-06-2 Show GitHub Exploit DB Packet Storm
314534 - dotnetindex active_news_manager SQL injection vulnerability in admin/login.asp in Active News Manager allows remote attackers to execute arbitrary SQL commands via the password. NVD-CWE-Other
CVE-2005-1780 2024-02-14 10:17 2005-05-31 Show GitHub Exploit DB Packet Storm
314535 - zongg zongg SQL injection vulnerability in ad/login.asp in ZonGG 1.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NVD-CWE-Other
CVE-2005-1785 2024-02-14 10:17 2005-05-31 Show GitHub Exploit DB Packet Storm
314536 - online_solutions_for_educators online_solutions_for_educators SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS4E) allows remote attackers to execute arbitrary SQL commands via the password. NVD-CWE-Other
CVE-2005-1805 2024-02-14 10:17 2005-05-28 Show GitHub Exploit DB Packet Storm
314537 - distinct_web_creations newsletterez SQL injection vulnerability in login.asp in ezdwc NewsletterEz 3.0 allows remote attackers to execute arbitrary SQL commands via the password parameter. NVD-CWE-Other
CVE-2005-1750 2024-02-14 10:17 2005-05-25 Show GitHub Exploit DB Packet Storm
314538 - funkyasp funkyasp_ad_system SQL injection vulnerability in admin.asp in FunkyASP AD System 1.1 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password parameter. NVD-CWE-Other
CVE-2005-1786 2024-02-14 10:17 2005-05-25 Show GitHub Exploit DB Packet Storm
314539 - xine gxine Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format st… NVD-CWE-Other
CVE-2005-1692 2024-02-14 10:17 2005-05-24 Show GitHub Exploit DB Packet Storm
314540 - web-app.org webapp apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter. CWE-20
 Improper Input Validation  		CVE-2005-1628 2024-02-14 10:17 2005-05-17 Show GitHub Exploit DB Packet Storm