Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251491	5	警告	オラクル	-	Oracle Fusion Middleware の Oracle Business Intelligence Enterprise Edition コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-2241	2011-08-1 11:42	2011-07-19	Show	GitHub Exploit DB Packet Storm

251492	4	警告	オラクル	-	Oracle Fusion Middleware の Oracle BPEL Process Manager コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-0884	2011-08-1 11:40	2011-07-19	Show	GitHub Exploit DB Packet Storm

251493	4	警告	オラクル	-	Oracle Fusion Middleware の Oracle Containers for J2EE コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-0883	2011-08-1 11:33	2011-07-19	Show	GitHub Exploit DB Packet Storm

251494	6	警告	オラクル	-	Oracle Database Server および Oracle Fusion Middleware における脆弱性	CWE-noinfo 情報不足	CVE-2011-2232	2011-08-1 11:32	2011-07-19	Show	GitHub Exploit DB Packet Storm

251495	4.3	警告	オラクル	-	Oracle Database Server および Oracle Fusion Middleware における脆弱性	CWE-noinfo 情報不足	CVE-2011-2231	2011-08-1 11:31	2011-07-19	Show	GitHub Exploit DB Packet Storm

251496	10	危険	オラクル	-	Oracle Secure Backup における脆弱性	CWE-noinfo 情報不足	CVE-2011-2261	2011-08-1 11:30	2011-07-19	Show	GitHub Exploit DB Packet Storm

251497	5.1	警告	サイバートラスト株式会社 Carnegie Mellon University (Project Cyrus) レッドハット	-	Cyrus IMAP Server の STARTTLS 実装における暗号化セッションにコマンドを挿入される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1926	2011-08-1 11:02	2011-05-23	Show	GitHub Exploit DB Packet Storm

251498	6.9	警告	GNU Project サイバートラスト株式会社レッドハット	-	bash-doc における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2008-5374	2011-08-1 10:58	2008-12-8	Show	GitHub Exploit DB Packet Storm

251499	2.1	注意	レッドハット fedorahosted.org	-	SSSD の pam_parse_in_data_v2 関数におけるサービス運用妨害 (無限ループ、クラッシュおよびログイン防止) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4341	2011-08-1 10:57	2011-01-25	Show	GitHub Exploit DB Packet Storm

251500	10	危険	rsync.samba.org アップルレッドハット	-	rsync における隠しファイルを読込/書込される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6200	2011-08-1 10:54	2007-12-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2451	5.9	MEDIUM Network	-	-	Missing expiration, hash, and length enforcement in delegated metadata validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users with delegated signing authority to bypass TU…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2026-6967	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

2452	5.9	MEDIUM Network	-	-	Incomplete path traversal fixes in awslabs/tough before tough-v0.22.0 allow remote authenticated users with delegated signing authority to write files outside intended output directories via absolute…	CWE-22 Path Traversal	CVE-2026-6968	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

2453	7.8	HIGH Local	-	-	NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTe…	CWE-427 Uncontrolled Search Path Element	CVE-2026-42171	2026-04-28 03:57	2026-04-25	Show	GitHub Exploit DB Packet Storm

2454	4.0	MEDIUM Network	-	-	Hickory DNS hickory-recursor 0.1 through 0.25.2 allows cross-zone poisoning because cached data is not directly associated with a query that triggered a response.	CWE-706 Use of Incorrectly-Resolved Name or Reference	CVE-2026-42254	2026-04-28 03:57	2026-04-26	Show	GitHub Exploit DB Packet Storm

2455	7.0	HIGH Local	-	-	Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation and granting system-level acce…	CWE-362 Race Condition	CVE-2026-3006	2026-04-28 03:57	2026-04-27	Show	GitHub Exploit DB Packet Storm

2456	-		-	-	An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration fi…	CWE-282 Improper Ownership Management	CVE-2026-3867	2026-04-28 03:57	2026-04-27	Show	GitHub Exploit DB Packet Storm

2457	-		-	-	An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Because of improper validation of length parameters in the HTTPS management inter…	CWE-130 Improper Handling of Length Parameter Inconsistency	CVE-2026-3868	2026-04-28 03:57	2026-04-27	Show	GitHub Exploit DB Packet Storm

2458	6.6	MEDIUM Local	-	-	Successful exploitation of the string injection vulnerability could allow an attacker to obtain memory address information or crash the application.	CWE-134 Use of Externally-Controlled Format String	CVE-2026-3008	2026-04-28 03:57	2026-04-27	Show	GitHub Exploit DB Packet Storm

2459	5.1	MEDIUM Local	-	-	uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes.	CWE-197 Numeric Truncation Error	CVE-2026-42371	2026-04-28 03:57	2026-04-27	Show	GitHub Exploit DB Packet Storm

2460	-		-	-	OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information …	CWE-346 Origin Validation Error	CVE-2026-22077	2026-04-28 03:57	2026-04-27	Show	GitHub Exploit DB Packet Storm