Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256431	4.3	警告	IBM	-	IBM WebSphere Application Server の管理コンソールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0768	2010-05-27 17:25	2010-04-1	Show	GitHub Exploit DB Packet Storm

256432	4	警告	IBM	-	IBM WebSphere Application Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-0770	2010-05-27 17:25	2010-04-1	Show	GitHub Exploit DB Packet Storm

256433	5	警告	IBM	-	IBM WebSphere Application Server (WAS) の Administrative Console コンポーネントにおける WAS セッションの内容を読まれる脆弱性	CWE-200 情報漏えい	CVE-2009-1898	2010-05-27 17:24	2009-06-3	Show	GitHub Exploit DB Packet Storm

256434	6.8	警告	サイバートラスト株式会社レッドハット	-	TeX Live 2009 および teTeX の dvipsk/dospecial.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-1440	2010-05-26 16:33	2010-05-6	Show	GitHub Exploit DB Packet Storm

256435	6.8	警告	サイバートラスト株式会社レッドハット	-	TeX Live および teTeX の predospecial 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-0739	2010-05-26 16:32	2010-04-16	Show	GitHub Exploit DB Packet Storm

256436	9.3	危険	アドビシステムズ	-	Adobe Photoshop CS4 における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1279	2010-05-26 16:32	2010-04-30	Show	GitHub Exploit DB Packet Storm

256437	9.3	危険	レッドハット freedesktop.org サイバートラスト株式会社 Glyph & Cog, LLC	-	Xpdf および Poppler の ObjectStream::ObjectStream 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-3608	2010-05-26 16:31	2009-10-15	Show	GitHub Exploit DB Packet Storm

256438	6.8	警告	サイバートラスト株式会社レッドハット CUPS	-	CUPS の pdftops フィルタにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-0791	2010-05-26 16:30	2009-06-3	Show	GitHub Exploit DB Packet Storm

256439	6.8	警告	レッドハット Glyph & Cog, LLC サイバートラスト株式会社 CUPS	-	Xpdf および CUPS におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0195	2010-05-26 16:30	2009-04-16	Show	GitHub Exploit DB Packet Storm

256440	4.3	警告	Glyph & Cog, LLC freedesktop.org 日本電気サイバートラスト株式会社 CUPS レッドハット	-	JBIG2 MMR デコーダにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-1183	2010-05-26 16:30	2009-04-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312191	-		-	-	An Insecure Direct Object Reference (IDOR) vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the API endpoint `http://0.0.0.0:3000/api/v1/memories/{id}/update`…	CWE-250 Execution with Unnecessary Privileges	CVE-2024-7041	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

312192	-		-	-	In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due to unsanitized file.filename concatenation with CACHE_DIR. This vul…	CWE-22 Path Traversal	CVE-2024-7037	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

312193	7.5	HIGH Network	-	-	An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker se…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2024-39525	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

312194	7.5	HIGH Network	-	-	An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacke…	CWE-1288 Improper Validation of Consistency within Input	CVE-2024-39515	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

312195	-		-	-	VMware NSX contains a local privilege escalation vulnerability. An authenticated malicious actor may exploit this vulnerability to obtain permissions from a separate group role than previously assi…	-	CVE-2024-38818	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

312196	-		-	-	VMware NSX contains a content spoofing vulnerability. An unauthenticated malicious actor may be able to craft a URL and redirect a victim to an attacker controlled domain leading to sensitive infor…	-	CVE-2024-38815	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

312197	-		-	-	HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to because of improperly handling the request d…	-	CVE-2024-30118	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

312198	-		-	-	ImportDump is a mediawiki extension designed to automate user import requests. A user's local actor ID is stored in the database to tell who made what requests. Therefore, if a user on another wiki h…	CWE-282 Improper Ownership Management	CVE-2024-47816	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

312199	-		-	-	IncidentReporting is a MediaWiki extension for moving incident reports from wikitext to database tables. There are a variety of Cross-site Scripting issues, though all of them require elevated permis…	CWE-79 CWE-80 Cross-site Scripting Basic XSS	CVE-2024-47815	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm

312200	-		-	-	A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have the privilege to view the data.	-	CVE-2024-9470	2024-10-10 21:51	2024-10-10	Show	GitHub Exploit DB Packet Storm