Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2521 8.8 重要
Adjacent 		D-Link Systems, Inc. DIR-600L ファームウェア D-Link CorporationのDIR-600L ファームウェアにおけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2026-42374 2026-05-8 12:11 2026-05-4 Show GitHub Exploit DB Packet Storm
2522 8.8 重要
Adjacent 		D-Link Systems, Inc. DIR-600L ファームウェア D-Link CorporationのDIR-600L ファームウェアにおけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2026-42375 2026-05-8 12:11 2026-05-4 Show GitHub Exploit DB Packet Storm
2523 9.8 緊急
Network 		MIYAGAWA (Tatsuhiko Miyagawa) Plack::Middleware::Session::Cookie MIYAGAWA (Tatsuhiko Miyagawa)のPlack::Middleware::Session::Cookieにおける検証および完全性チェックを行っていない Cookie への依存に関する脆弱性 CWE-565
検証および完全性チェックを行っていない Cookie への依存 		CVE-2014-125112 2026-05-8 12:11 2026-03-26 Show GitHub Exploit DB Packet Storm
2524 7.5 重要
Network 		Lobster DATA GmbH Lobster_pro Lobster DATA GmbHのLobster_proにおけるXML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2024-13971 2026-05-8 12:11 2026-04-30 Show GitHub Exploit DB Packet Storm
2525 9.8 緊急
Network 		D-Link Systems, Inc. DIR-1253 Firmware D-Link CorporationのDIR-1253 Firmwareにおける権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2025-29165 2026-05-8 12:11 2026-03-5 Show GitHub Exploit DB Packet Storm
2526 4.4 警告
Local 		IBM Planning Analytics Advanced Certified Containers IBMのPlanning Analytics Advanced Certified Containersにおける複数の脆弱性 CWE-312
CWE-526
CVE-2025-36105 2026-05-8 12:11 2026-03-10 Show GitHub Exploit DB Packet Storm
2527 6.1 警告
Network 		IBM IBM InfoSphere Data Architect IBMのIBM InfoSphere Data Architectにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-36173 2026-05-8 12:11 2026-03-10 Show GitHub Exploit DB Packet Storm
2528 7.5 重要
Network 		クアルコム QCN5154 ファームウェア
QCA6574 ファームウェア
SAR2130P Firmware
X2000094 ファームウェア
SM6650P ファームウェア
QCA8102 Firmware
QXM1086 Firmware
QCA2064 ファームウェア
QC… 		クアルコムのAR8035 ファームウェア等の複数製品における複数の脆弱性 CWE-125
CWE-126
CVE-2025-47401 2026-05-8 12:11 2026-05-4 Show GitHub Exploit DB Packet Storm
2529 7.5 重要
Network 		クアルコム QCN5154 ファームウェア
QCA6574 ファームウェア
SAR2130P Firmware
X2000094 ファームウェア
SM6650P ファームウェア
QXM1086 Firmware
qcn9100 ファームウェア
QCA6777AQ ファームウェア
Q… 		クアルコムのAR8035 ファームウェア等の複数製品における複数の脆弱性 CWE-125
CWE-126
CVE-2025-47403 2026-05-8 12:11 2026-05-4 Show GitHub Exploit DB Packet Storm
2530 7.8 重要
Local 		クアルコム QCA6574 ファームウェア
SM6650P ファームウェア
SA8150P ファームウェア
Snapdragon W5+ Gen 1 Wearable Firmware
Snapdragon X53 5G Modem-RF Firmware
s… 		クアルコムのQualcomm 215 Mobile Firmware等の複数製品における複数の脆弱性 CWE-120
CWE-787
CVE-2025-47404 2026-05-8 12:11 2026-05-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
318111 5.5 MEDIUM
Local 		icq icq ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information. CWE-459
 Incomplete Cleanup 		CVE-2000-0552 2024-02-9 05:12 2000-06-6 Show GitHub Exploit DB Packet Storm
318112 9.8 CRITICAL
Network 		risearch risearch
risearch_pro 		RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, o… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2004-2061 2024-02-9 04:56 2004-07-27 Show GitHub Exploit DB Packet Storm
318113 9.8 CRITICAL
Network 		siemens db4web DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that sp… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2002-1484 2024-02-9 04:56 2003-04-22 Show GitHub Exploit DB Packet Storm
318114 7.5 HIGH
Network 		adobe acrobat_reader
acrobat 		The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulne… CWE-611
XXE 		CVE-2005-1306 2024-02-9 04:55 2005-06-15 Show GitHub Exploit DB Packet Storm
318115 5.5 MEDIUM
Local 		dump_project dump dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention) by using flock() to lock the /etc/dumpdates file. CWE-667
 Improper Locking 		CVE-2002-1914 2024-02-9 04:24 2002-12-31 Show GitHub Exploit DB Packet Storm
318116 5.5 MEDIUM
Local 		openbsd
netbsd
freebsd 		openbsd
netbsd
freebsd 		tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. CWE-667
 Improper Locking 		CVE-2002-1915 2024-02-9 04:24 2002-12-31 Show GitHub Exploit DB Packet Storm
318117 7.8 HIGH
Local 		microsoft windows_2000 Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access. CWE-667
 Improper Locking 		CVE-2002-0051 2024-02-9 04:24 2002-04-4 Show GitHub Exploit DB Packet Storm
318118 5.5 MEDIUM
Local 		concurrent_versions_software_project concurrent_versions_software Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use… CWE-667
 Improper Locking 		CVE-2000-0338 2024-02-9 04:23 2000-04-23 Show GitHub Exploit DB Packet Storm
318119 5.5 MEDIUM
Local 		qualcomm qpopper qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes. CWE-667
 Improper Locking 		CVE-2000-1198 2024-02-9 04:22 2001-08-31 Show GitHub Exploit DB Packet Storm
318120 9.8 CRITICAL
Network 		gnome
debian 		evolution
debian_linux 		Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte… CWE-190
 Integer Overflow or Wraparound 		CVE-2005-0102 2024-02-9 03:39 2005-01-24 Show GitHub Exploit DB Packet Storm