Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2351	7.5	重要 Network		-	アップルのmacOSにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-28908	2026-05-14 10:21	2026-05-11	Show	GitHub Exploit DB Packet Storm

2352	7.5	重要 Network	アップル	iOS iPadOS tvOS watchOS	アップルのiPadOS等の複数製品におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2026-28913	2026-05-14 10:21	2026-05-11	Show	GitHub Exploit DB Packet Storm

2353	7.8	重要 Local		-	アップルのmacOSにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-28919	2026-05-14 10:21	2026-05-11	Show	GitHub Exploit DB Packet Storm

2354	8.8	重要 Local		-	アップルのmacOSにおけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2026-28923	2026-05-14 10:21	2026-05-11	Show	GitHub Exploit DB Packet Storm

2355	7.5	重要 Network		-	アップルのmacOSにおける競合状態に関する脆弱性	CWE-362 競合状態	CVE-2026-28924	2026-05-14 10:21	2026-05-11	Show	GitHub Exploit DB Packet Storm

2356	7.5	重要 Network		-	アップルのmacOSにおける古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2026-28925	2026-05-14 10:21	2026-05-11	Show	GitHub Exploit DB Packet Storm

2357	7.5	重要 Network	アップル	iOS iPadOS	アップルのiPadOS等の複数製品における不正な比較ロジックの粒度に関する脆弱性	CWE-1254 不正な比較ロジックの粒度	CVE-2026-28929	2026-05-14 10:21	2026-05-11	Show	GitHub Exploit DB Packet Storm

2358	7.5	重要 Network	アップル	iOS iPadOS visionos	アップルのiPadOS等の複数製品におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2026-28944	2026-05-14 10:21	2026-05-11	Show	GitHub Exploit DB Packet Storm

2359	7.8	重要 Local	アップル	iOS iPadOS	アップルのiPadOS等の複数製品における不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-28951	2026-05-14 10:21	2026-05-11	Show	GitHub Exploit DB Packet Storm

2360	7.5	重要 Network	アップル	iOS tvOS watchOS visionos iPadOS	アップルのiPadOS等の複数製品におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2026-28953	2026-05-14 10:21	2026-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311921	5.4	MEDIUM Network	ladybirdweb	faveo_helpdesk	An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields	CWE-79 Cross-site Scripting	CVE-2024-51377	2024-11-15 08:23	2024-11-2	Show	GitHub Exploit DB Packet Storm

311922	9.8	CRITICAL Network	olivegroup	olivevle	An issue in Olive VLE allows an attacker to obtain sensitive information via the reset password function.	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2024-48428	2024-11-15 08:15	2024-10-26	Show	GitHub Exploit DB Packet Storm

311923	7.5	HIGH Network	plenti	plenti	Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write deletion when a plenti use…	CWE-22 Path Traversal	CVE-2024-49381	2024-11-15 08:04	2024-10-25	Show	GitHub Exploit DB Packet Storm

311924	8.8	HIGH Network	autolabproject	autolab	Autolab, a course management service that enables auto-graded programming assignments, has misconfigured reset password permissions in version 3.0.0. For email-based accounts, users with insufficient…	CWE-863 Incorrect Authorization	CVE-2024-49376	2024-11-15 07:49	2024-10-25	Show	GitHub Exploit DB Packet Storm

311925	9.8	CRITICAL Network	vice	webopac	Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents.	CWE-89 SQL Injection	CVE-2024-11016	2024-11-15 06:53	2024-11-11	Show	GitHub Exploit DB Packet Storm

311926	9.8	CRITICAL Network	matrixcomsec	cosec_vega_faxq_firmware	This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ due to improper implementation of session management at the web-based management interface. A remote attacker could exploit this vu…	NVD-CWE-Other	CVE-2024-10381	2024-11-15 06:44	2024-10-25	Show	GitHub Exploit DB Packet Storm

311927	5.9	MEDIUM Network	ibm	txseries_for_multiplatforms	IBM TXSeries for Multiplatforms 10.1 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the …	NVD-CWE-noinfo	CVE-2024-41738	2024-11-15 05:51	2024-11-2	Show	GitHub Exploit DB Packet Storm

311928	7.8	HIGH Local	bytecodealliance	webassembly_micro_runtime	An issue in bytecodealliance wasm-micro-runtime before v.b3f728c and fixed in commit 06df58f allows a remote attacker to escalate privileges via a crafted file to the check_was_abi_compatibility func…	CWE-125 Out-of-bounds Read	CVE-2024-25431	2024-11-15 05:42	2024-11-9	Show	GitHub Exploit DB Packet Storm

311929	5.3	MEDIUM Network	ibm	txseries_for_multiplatforms	IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to an observable timing discrepancy which could be used in further attacks against the system.	CWE-203 Information Exposure Through Discrepancy	CVE-2024-41741	2024-11-15 05:42	2024-11-2	Show	GitHub Exploit DB Packet Storm

311930	8.8	HIGH Network	sbond	watcharr	A vulnerability in a weak JWT token in Watcharr v1.43.0 and below allows attackers to perform privilege escalation using a crafted JWT token. This vulnerability is not limited to privilege escalation…	NVD-CWE-noinfo	CVE-2024-50634	2024-11-15 05:40	2024-11-9	Show	GitHub Exploit DB Packet Storm