Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250891	6.8	警告	アップル	-	Apple Mac OS X の QuickLook における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-0208	2011-07-7 11:34	2011-06-24	Show	GitHub Exploit DB Packet Storm

250892	5	警告	アップル	-	Apple Mac OS X の MobileMe における重要なエイリアス情報を取得される脆弱性	CWE-310 暗号の問題	CVE-2011-0207	2011-07-7 11:33	2011-06-24	Show	GitHub Exploit DB Packet Storm

250893	6.8	警告	アップル	-	Apple Mac OS X の ImageIO におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0205	2011-07-7 11:30	2011-06-24	Show	GitHub Exploit DB Packet Storm

250894	5	警告	アップル	-	Apple Mac OS X の FTP Server コンポーネントにおける絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-0203	2011-07-6 07:54	2011-06-24	Show	GitHub Exploit DB Packet Storm

250895	5.1	警告	XnSoft	-	XnView における実行ファイル読み込みに関する脆弱性	CWE-Other その他	CVE-2011-1338	2011-07-5 12:01	2011-07-5	Show	GitHub Exploit DB Packet Storm

250896	4.3	警告	Opera Software ASA	-	Opera におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2011-1337	2011-07-5 12:01	2011-07-5	Show	GitHub Exploit DB Packet Storm

250897	5.8	警告	アップル	-	Apple Mac OS X の Certificate Trust Policy コンポーネントにおける SSL サーバーを偽造される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0199	2011-07-5 09:07	2011-06-24	Show	GitHub Exploit DB Packet Storm

250898	6.8	警告	アップル	-	Apple Mac OS X の Apple Type Services におけるヒープベースのバッファーオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0198	2011-07-5 09:03	2011-06-24	Show	GitHub Exploit DB Packet Storm

250899	2.1	注意	アップル	-	Apple Mac OS X の App Store における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-0197	2011-07-5 09:02	2011-06-24	Show	GitHub Exploit DB Packet Storm

250900	7.8	危険	アップル	-	Apple Mac OS X の AirPort におけるサービス運用妨害 (out-of-bounds read および、リブート) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0196	2011-07-5 09:01	2011-06-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1581	3.7	LOW Network	-	-	Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode() function in lib/helpers/AxiosURLSearchParams.js contains a character mapping (charMap) at li…	CWE-116 CWE-626 Improper Encoding or Escaping of Output Null Byte Interaction Error (Poison Null Byte)	CVE-2026-42040	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

1582	7.4	HIGH Network	-	-	Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, a prototype pollution gadget exists in the Axios HTTP adapter (lib/adapters/http.js) that allows an attac…	CWE-113 CWE-1321 HTTP Response Splitting Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-42035	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

1583	5.3	MEDIUM Network	-	-	Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.1, the FormDataPart constructor in lib/helpers/formDataToStream.js interpolates value.type directly into th…	CWE-93 CRLF Injection	CVE-2026-42037	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

1584	4.8	MEDIUM Network	-	-	Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype…	CWE-287 CWE-1321 Improper Authentication Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-42041	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

1585	5.4	MEDIUM Network	-	-	Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library's XSRF token protection logic uses JavaScript truthy/falsy semantics instead of strict …	CWE-183 CWE-201 Permissive List of Allowed Inputs Insertion of Sensitive Information Into Sent Data	CVE-2026-42042	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

1586	7.2	HIGH Network	-	-	Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, an attacker who can influence the target URL of an Axios request can use any address in the 127.0.0.0/8 r…	CWE-183 CWE-441 CWE-918 Permissive List of Allowed Inputs Confused Deputy Server-Side Request Forgery (SSRF)	CVE-2026-42043	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

1587	6.5	MEDIUM Network	-	-	Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.2, he Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype…	CWE-915 CWE-1321 Improperly Controlled Modification of Dynamically-Determined Object Attributes Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-42044	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

1588	-		-	-	Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFil…	CWE-61 UNIX Symbolic Link (Symlink) Following	CVE-2026-41326	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

1589	5.3	MEDIUM Network	-	-	4ga Boards is a boards system for realtime project management. Prior to 3.3.5, 4ga Boards is vulnerable to user enumeration via a timing side-channel in the login endpoint (POST /api/access-tokens). …	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-41418	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

1590	7.6	HIGH Network	-	-	4ga Boards is a boards system for realtime project management. Prior to 3.3.5, a path traversal vulnerability allows an authenticated user with board import privileges to make the server ingest arbit…	CWE-22 Path Traversal	CVE-2026-41419	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm