Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2571 5.3 警告
Network 		asrmicro ASR1901 Firmware
ASR1903 Firmware 		asrmicroのASR1901 Firmware等の複数製品におけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-42800 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
2572 7.5 重要
Network 		OpenStack Ironic Python Agent OpenStackのIronic Python Agentにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-43003 2026-05-7 11:29 2026-05-1 Show GitHub Exploit DB Packet Storm
2573 5.9 警告
Network 		PerlDancer Dancer::Session::Abstract PerlDancerのDancer::Session::Abstractにおける複数の脆弱性 CWE-338
CWE-340
CVE-2026-5080 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
2574 5.5 警告
Adjacent 		NASA Core Flight System (cFS) NASAのCore Flight System (cFS)におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-5475 2026-05-7 11:29 2026-04-3 Show GitHub Exploit DB Packet Storm
2575 4.6 警告
Adjacent 		NASA Core Flight System (cFS) NASAのCore Flight System (cFS)における複数の脆弱性 CWE-189
CWE-190
CVE-2026-5476 2026-05-7 11:29 2026-04-3 Show GitHub Exploit DB Packet Storm
2576 7.8 重要
Local 		IBM IBM Turbonomic Prometurbo agent IBMのIBM Turbonomic Prometurbo agentにおける権限管理に関する脆弱性 CWE-269
CWE-noinfo
CVE-2026-6389 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
2577 5.5 警告
Local 		レッドハット multicluster engine for Kubernetes レッドハットのmulticluster engine for Kubernetesにおける重要な情報の平文保存に関する脆弱性 CWE-312
重要な情報の平文保存 		CVE-2026-7163 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
2578 7.2 重要
Network 		Amazon.com, Inc. Amazon ECS container agent Amazon.com, Inc.のAmazon ECS container agentにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-7461 2026-05-7 11:29 2026-04-30 Show GitHub Exploit DB Packet Storm
2579 6.5 警告
Network 		Apache Software Foundation Apache HTTP Server Apache Software FoundationのApache HTTP ServerにおけるHTTPレスポンスの分割に関する脆弱性 CWE-443
CWE-Other
CVE-2026-33523 2026-05-7 11:29 2026-05-4 Show GitHub Exploit DB Packet Storm
2580 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける不適切な短絡評価に関する脆弱性 CWE-768
不適切な短絡評価 		CVE-2026-35378 2026-05-7 11:29 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
317751 7.5 HIGH
Network 		phprank phprank phpRank 1.8 stores the administrative password in plaintext on the server and in the "ap" cookie, which allows remote attackers to retrieve the administrative password. CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2002-1800 2024-02-10 12:06 2002-12-31 Show GitHub Exploit DB Packet Storm
317752 7.5 HIGH
Network 		audiogalaxy audiogalaxy Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2001-1536 2024-02-10 12:04 2001-12-31 Show GitHub Exploit DB Packet Storm
317753 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. All references and descriptions in this record have been removed to prevent accidental usage. - CVE-2023-6716 2024-02-9 18:15 2024-02-9 Show GitHub Exploit DB Packet Storm
317754 - georgecurrums open_guestbook Cross-site scripting (XSS) vulnerability in header.php in Open Guestbook 0.5 allows remote attackers to inject arbitrary web script or HTML via the title parameter. CWE-79
Cross-site Scripting 		CVE-2006-3295 2024-02-9 12:26 2006-06-29 Show GitHub Exploit DB Packet Storm
317755 - sun
oracle 		jsse
java_web_start
jre 		X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01, (2) JSSE before 1.0.3, (3) Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and (4) Java Web Start 1.0 … CWE-295
Improper Certificate Validation  		CVE-2003-1229 2024-02-9 12:26 2003-12-31 Show GitHub Exploit DB Packet Storm
317756 - rtfm ssldump Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value. CWE-787
 Out-of-bounds Write 		CVE-2002-2227 2024-02-9 12:26 2002-12-31 Show GitHub Exploit DB Packet Storm
317757 - microsoft windows_xp
windows_2000
windows_98
windows_me
windows_98se
windows_nt
internet_explorer
office
outlook_express 		The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Ma… CWE-295
Improper Certificate Validation  		CVE-2002-0862 2024-02-9 12:26 2002-10-4 Show GitHub Exploit DB Packet Storm
317758 - cjguestbook_project cjguestbook Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject Javascript code via a javascript URI in an img bbcode tag in the comments paramet… CWE-79
Cross-site Scripting 		CVE-2006-3211 2024-02-9 12:21 2006-06-24 Show GitHub Exploit DB Packet Storm
317759 - fantastic_guestbook_project fantastic_guestbook Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Fantastic Guestbook 2.0.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the… CWE-79
Cross-site Scripting 		CVE-2006-3568 2024-02-9 12:20 2006-07-13 Show GitHub Exploit DB Packet Storm
317760 - aol aim Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument. CWE-120
Classic Buffer Overflow 		CVE-2000-1094 2024-02-9 12:20 2001-01-9 Show GitHub Exploit DB Packet Storm