Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254301 4.3 警告 オラクル - Oracle Supply Chain Products Suite の Agile Technology Platform コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-0837 2011-05-16 11:32 2011-04-19 Show GitHub Exploit DB Packet Storm
254302 3.5 注意 オラクル - Oracle JD Edwards EnterpriseOne Tools および OneWorld Tools における脆弱性 CWE-noinfo
情報不足 		CVE-2011-0836 2011-05-16 11:31 2011-04-19 Show GitHub Exploit DB Packet Storm
254303 4.3 警告 オラクル - Oracle Siebel CRM の Siebel CRM Core コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-0834 2011-05-16 11:27 2011-04-19 Show GitHub Exploit DB Packet Storm
254304 4.3 警告 オラクル - Oracle Siebel CRM の Siebel CRM Core コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2011-0833 2011-05-16 11:27 2011-04-19 Show GitHub Exploit DB Packet Storm
254305 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット
オラクル		 - 複数の Mozilla 製品の navigator.plugins の実装における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2767 2011-05-16 11:09 2010-09-7 Show GitHub Exploit DB Packet Storm
254306 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット
オラクル		 - 複数の Mozilla 製品の normalizeDocument 関数における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2766 2011-05-16 11:08 2010-09-7 Show GitHub Exploit DB Packet Storm
254307 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット
オラクル		 - 複数の Mozilla 製品の FRAMESET 要素の実装における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-2765 2011-05-16 11:07 2010-09-7 Show GitHub Exploit DB Packet Storm
254308 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット
オラクル		 - 複数の Mozilla 製品の nsTreeSelection 関数における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2760 2011-05-16 11:05 2010-09-7 Show GitHub Exploit DB Packet Storm
254309 3.7 注意 オラクル - Oracle Solaris における LOFS の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2011-0839 2011-05-13 11:37 2011-04-19 Show GitHub Exploit DB Packet Storm
254310 4.9 警告 オラクル - Oracle Solaris における Kernel/SPARC の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2011-0829 2011-05-13 11:36 2011-04-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
4081 - - - Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are cas… CWE-178
CWE-436
 Improper Handling of Case Sensitivity
 Interpretation Conflict 		CVE-2026-42273 2026-05-9 01:03 2026-05-8 Show GitHub Exploit DB Packet Storm
4082 - - - Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs rule matching on the raw (non-normalized) request path, while downstre… CWE-35
CWE-436
 Path Traversal: '.../...//'
 Interpretation Conflict 		CVE-2026-42274 2026-05-9 01:03 2026-05-8 Show GitHub Exploit DB Packet Storm
4083 7.5 HIGH
Network 		coredns.io coredns CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-QUIC (DoQ) server can be driven into unbounded goroutine and memory growth by a remote client that opens many QU… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-32934 2026-05-9 01:03 2026-05-6 Show GitHub Exploit DB Packet Storm
4084 7.5 HIGH
Network 		coredns.io coredns CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-HTTPS (DoH) GET path accepts oversized dns= query parameter values and performs URL query parsing, base64 decodi… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-32936 2026-05-9 01:02 2026-05-6 Show GitHub Exploit DB Packet Storm
4085 4.1 MEDIUM
Network 		- - Kimai is an open-source time tracking application. From version 2.32.0 to before version 2.56.0, users with the role System-Admin (ROLE_SYSTE_ADMIN) and the permission upload_invoice_template can upl… CWE-22
Path Traversal 		CVE-2026-44298 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
4086 7.8 HIGH
Local 		- - The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service… CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2022-26522 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
4087 5.3 MEDIUM
Local 		- - The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service… CWE-400
 Uncontrolled Resource Consumption 		CVE-2022-26523 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
4088 6.5 MEDIUM
Network 		- - Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field. CWE-78
OS Command  		CVE-2022-45899 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
4089 5.8 MEDIUM
Network 		- - solidtime is an open-source time-tracking app. In version 0.12.0, the PUT /api/v1/organizations/{organization}/time-entries/{timeEntry} API accepts a route-bound timeEntry from another organization w… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-42279 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm
4090 7.5 HIGH
Network 		- - Mikrotik RouterOS (x86) 6.40.5 through 6.49.10 (fixed in 7) allows a remote attacker to cause a denial of service (device crash) via crafted packet data to the SMB service on TCP port 445. CWE-400
 Uncontrolled Resource Consumption 		CVE-2024-27686 2026-05-9 01:02 2026-05-8 Show GitHub Exploit DB Packet Storm