Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2531	9.6	緊急 Network	Imagination Technologies Limited	GPU DDK	Imagination Technologies LimitedのGPU DDKにおける複数の脆弱性	CWE-787 CWE-823	CVE-2026-21732	2026-04-23 10:15	2026-03-20	Show	GitHub Exploit DB Packet Storm

2532	7.8	重要 Local	Imagination Technologies Limited	GPU DDK	Imagination Technologies LimitedのGPU DDKにおける同期の欠如に関する脆弱性	CWE-820 同期の欠如	CVE-2026-22163	2026-04-23 10:15	2026-03-20	Show	GitHub Exploit DB Packet Storm

2533	6.8	警告 Network	OctoberCMS	October	OctoberCMSのOctoberにおける複数の脆弱性	CWE-284 CWE-693	CVE-2026-22692	2026-04-23 10:15	2026-04-14	Show	GitHub Exploit DB Packet Storm

2534	5.5	警告 Local	gimp	gimp	gimpにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-2271	2026-04-23 10:15	2026-03-26	Show	GitHub Exploit DB Packet Storm

2535	8.2	重要 Network	GNOME Project レッドハット	libsoup Red Hat Enterprise Linux	GNOME Project等の複数ベンダの製品における期限切れのポインタデリファレンスに関する脆弱性	CWE-825 期限切れのポインタデリファレンス	CVE-2026-2436	2026-04-23 10:15	2026-03-26	Show	GitHub Exploit DB Packet Storm

2536	5.4	警告 Network	OctoberCMS	October	OctoberCMSのOctoberにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-24906	2026-04-23 10:15	2026-04-14	Show	GitHub Exploit DB Packet Storm

2537	5.4	警告 Network	OctoberCMS	October	OctoberCMSのOctoberにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-24907	2026-04-23 10:15	2026-04-14	Show	GitHub Exploit DB Packet Storm

2538	7.5	重要 Network	The Go Project	Go	The Go ProjectのGoにおけるリクエストの直接送信に関する脆弱性	CWE-425 リクエストの直接送信	CVE-2026-25679	2026-04-23 10:14	2026-03-6	Show	GitHub Exploit DB Packet Storm

2539	9.8	緊急 Network	Apache Software Foundation	Apache Airflow	Apache Software FoundationのApache Airflowにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-25917	2026-04-23 10:14	2026-04-18	Show	GitHub Exploit DB Packet Storm

2540	7.5	重要 Network	The Go Project	Go	The Go ProjectのGoにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-27137	2026-04-23 10:14	2026-03-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314881	-	php	php	PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell…	CWE-88 Argument Injection	CVE-2001-1246	2024-02-15 00:17	2001-06-30	Show	GitHub Exploit DB Packet Storm

314882	-	ibm	lotus_notes	The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring d…	CWE-203 Information Exposure Through Discrepancy	CVE-2000-1117	2024-02-15 00:16	2001-01-9	Show	GitHub Exploit DB Packet Storm

314883	-	gnu	cvs	CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which caus…	CWE-203 Information Exposure Through Discrepancy	CVE-2004-0778	2024-02-15 00:07	2004-10-20	Show	GitHub Exploit DB Packet Storm

314884	-	openssl openbsd freebsd	openssl openbsd freebsd	ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing…	CWE-203 Information Exposure Through Discrepancy	CVE-2003-0078	2024-02-15 00:07	2003-03-3	Show	GitHub Exploit DB Packet Storm

314885	-	joetesta	hellbent	Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory via a GET request with a relative path that includes the root's parent, which generates a 403 error …	CWE-203 Information Exposure Through Discrepancy	CVE-2002-2094	2024-02-15 00:07	2002-12-31	Show	GitHub Exploit DB Packet Storm

314886	-	openbsd	openbsd	PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default …	CWE-203 Information Exposure Through Discrepancy	CVE-2002-0514	2024-02-15 00:07	2002-08-12	Show	GitHub Exploit DB Packet Storm

314887	-	phildev	ipfilter	IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs.	CWE-203 Information Exposure Through Discrepancy	CVE-2002-0515	2024-02-15 00:07	2002-08-12	Show	GitHub Exploit DB Packet Storm

314888	-	network.associates	pgpfire	PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire.	CWE-203 Information Exposure Through Discrepancy	CVE-2002-0208	2024-02-15 00:00	2002-05-16	Show	GitHub Exploit DB Packet Storm

314889	-	woppoware	postmaster	The web mail service in Woppoware PostMaster 4.2.2 (build 3.2.5) generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernam…	CWE-203 Information Exposure Through Discrepancy	CVE-2005-1650	2024-02-14 23:43	2005-05-18	Show	GitHub Exploit DB Packet Storm

314890	-	yabbforumsoftware	yet_another_bulletin_board	YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it easier for remote attackers to identify valid users and conduct a brute force password guessing attack.	CWE-203 Information Exposure Through Discrepancy	CVE-2004-0294	2024-02-14 23:32	2004-11-23	Show	GitHub Exploit DB Packet Storm