Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2561	8.8	重要 Network	HKUDS	OpenHarness	HKUDSのOpenHarnessにおける認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2026-40502	2026-04-27 11:27	2026-04-16	Show	GitHub Exploit DB Packet Storm

2562	6.5	警告 Network	HKUDS	OpenHarness	HKUDSのOpenHarnessにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-40503	2026-04-27 11:27	2026-04-16	Show	GitHub Exploit DB Packet Storm

2563	8.8	重要 Network	FreePBX	API Module	FreePBXのAPI ModuleにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-40520	2026-04-27 11:26	2026-04-21	Show	GitHub Exploit DB Packet Storm

2564	6.1	警告 Network	Yusuke Inuzuka (yuin)	goldmark	Yusuke Inuzuka (yuin)のgoldmarkにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-5160	2026-04-27 11:26	2026-04-15	Show	GitHub Exploit DB Packet Storm

2565	6.5	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2025-0186	2026-04-27 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

2566	6.5	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2025-3922	2026-04-27 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

2567	6.5	警告 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2025-6016	2026-04-27 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

2568	7.5	重要 Network	Nitro Software Inc.	Nitro PDF Pro	Nitro Software Inc.のNitro PDF ProにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-66769	2026-04-27 11:26	2026-04-13	Show	GitHub Exploit DB Packet Storm

2569	7.5	重要 Network	Nitro Software Inc.	Nitro PDF Pro	Nitro Software Inc.のNitro PDF ProにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-69624	2026-04-27 11:26	2026-04-13	Show	GitHub Exploit DB Packet Storm

2570	2.7	低 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2025-9957	2026-04-27 11:26	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
316761	-	ethereal_group	ethereal	Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused t…	NVD-CWE-Other	CVE-2002-0822	2024-02-14 10:17	2002-08-12	Show	GitHub Exploit DB Packet Storm

316762	-	ethereal_group	ethereal	The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possi…	NVD-CWE-Other	CVE-2002-0353	2024-02-14 10:17	2002-06-25	Show	GitHub Exploit DB Packet Storm

316763	-	ethereal_group	ethereal	Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms.	NVD-CWE-Other	CVE-2002-0402	2024-02-14 10:17	2002-06-18	Show	GitHub Exploit DB Packet Storm

316764	-	ethereal_group	ethereal	DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop.	NVD-CWE-Other	CVE-2002-0403	2024-02-14 10:17	2002-06-18	Show	GitHub Exploit DB Packet Storm

316765	-	ethereal_group	ethereal	Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).	NVD-CWE-Other	CVE-2002-0404	2024-02-14 10:17	2002-06-18	Show	GitHub Exploit DB Packet Storm

316766	-	tarantella	tarantella_enterprise	ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.	NVD-CWE-Other	CVE-2002-0203	2024-02-14 10:17	2002-05-16	Show	GitHub Exploit DB Packet Storm

316767	-	tarantella	tarantella_enterprise	Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to exec…	NVD-CWE-Other	CVE-2002-0211	2024-02-14 10:17	2002-05-16	Show	GitHub Exploit DB Packet Storm

316768	-	steve_kneizys	agora.cgi	Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.	NVD-CWE-Other	CVE-2001-1199	2024-02-14 10:17	2001-12-17	Show	GitHub Exploit DB Packet Storm

316769	-	khamil_landross_and_zack_jones	eftp	Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command.	NVD-CWE-Other	CVE-2001-1193	2024-02-14 10:17	2001-12-13	Show	GitHub Exploit DB Packet Storm

316770	-	tarantella	tarantella_enterprise	Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enterprise 3.00 and 3.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the pg parameter.	NVD-CWE-Other	CVE-2001-0805	2024-02-14 10:17	2001-12-6	Show	GitHub Exploit DB Packet Storm