Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2181 9.8 緊急
Network 		ThemeMove Makeaholic ThemeMoveのWordPress用MakeaholicにおけるPHP リモートファイルインクルージョンの脆弱性 CWE-98
PHP リモートファイルインクルージョン 		CVE-2025-54700 2026-02-6 10:38 2025-08-14 Show GitHub Exploit DB Packet Storm
2182 5.5 警告
Local 		Python Software Foundation Python Python Software FoundationのPythonにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2025-6075 2026-02-6 10:38 2025-10-31 Show GitHub Exploit DB Packet Storm
2183 5.5 警告
Local 		libarchive libarchive libarchiveにおける複数の脆弱性 CWE-400
CWE-835
CVE-2025-60753 2026-02-6 10:38 2025-11-5 Show GitHub Exploit DB Packet Storm
2184 8.8 重要
Network 		Kagilum IceScrum KagilumのIceScrumにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2025-60785 2026-02-6 10:38 2025-11-3 Show GitHub Exploit DB Packet Storm
2185 8.1 重要
Network 		hono hono honoにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2025-62610 2026-02-6 10:38 2025-10-22 Show GitHub Exploit DB Packet Storm
2186 7.3 重要
Network 		Open Source Social Network Open Source Social Network Open Source Social Networkにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-63441 2026-02-6 10:38 2025-11-3 Show GitHub Exploit DB Packet Storm
2187 7.5 重要
Network 		MetInfo MetInfo MetInfoにおける複数の脆弱性 CWE-611
CWE-918
CVE-2025-63551 2026-02-6 10:37 2025-11-6 Show GitHub Exploit DB Packet Storm
2188 4.8 警告
Network 		OpenMage Magento OpenMageのMagentoにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-64174 2026-02-6 10:37 2025-11-6 Show GitHub Exploit DB Packet Storm
2189 9.8 緊急
Network 		angeljudesuarez society management system Angel Jude Reyes Suarezのsociety management systemにおける複数の脆弱性 CWE-74
CWE-89
CVE-2026-1118 2026-02-6 10:37 2026-01-18 Show GitHub Exploit DB Packet Storm
2190 9.8 緊急
Network 		angeljudesuarez society management system Angel Jude Reyes Suarezのsociety management systemにおける複数の脆弱性 CWE-74
CWE-89
CVE-2026-1119 2026-02-6 10:37 2026-01-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
349251 - working_resources_inc. badblue BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges. NVD-CWE-Other
CVE-2002-1022 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
349252 - working_resources_inc. badblue BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI. NVD-CWE-Other
CVE-2002-1023 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
349253 - macromedia jrun JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed. NVD-CWE-Other
CVE-2002-1025 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
349254 - macromedia sitespring Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly trigger… NVD-CWE-Other
CVE-2002-1026 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
349255 - macromedia sitespring Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 50… NVD-CWE-Other
CVE-2002-1027 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
349256 - oddsock song_requester Multiple buffer overflows in the CGI programs for Oddsock Song Requester WinAmp plugin 2.1 allow remote attackers to cause a denial of service (crash) via long arguments. NVD-CWE-Other
CVE-2002-1028 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
349257 - worldspan res_manager Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990. NVD-CWE-Other
CVE-2002-1029 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
349258 - bea weblogic_server Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections. NVD-CWE-Other
CVE-2002-1030 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
349259 - key_focus kf_web_server KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character. NVD-CWE-Other
CVE-2002-1031 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
349260 - key_focus kf_web_server Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header. NVD-CWE-Other
CVE-2002-1032 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm