Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. W3002R Firmware
A302 Firmware
W309R Firmware 		Shenzhen Tenda Technology Co.,Ltd.のA302 Firmware等の複数製品におけるスプーフィングによる認証回避に関する脆弱性 New CWE-290
スプーフィングによる認証回避 		CVE-2018-25317 2026-05-7 11:31 2026-04-29 Show GitHub Exploit DB Packet Storm
252 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. FH303 Firmware
A300 Firmware 		Shenzhen Tenda Technology Co.,Ltd.のA300 Firmware等の複数製品におけるスプーフィングによる認証回避に関する脆弱性 New CWE-290
スプーフィングによる認証回避 		CVE-2018-25318 2026-05-7 11:31 2026-04-29 Show GitHub Exploit DB Packet Storm
253 9.8 緊急
Network 		DeanWu (pylixm) Django-mdeditor DeanWu (pylixm)のDjango-mdeditorにおける重要な機能に対する認証の欠如に関する脆弱性 New CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2025-13030 2026-05-7 11:31 2026-04-30 Show GitHub Exploit DB Packet Storm
254 7.8 重要
Local 		The Qt Company qtdeclarative The Qt Companyのqtdeclarativeにおける複数の脆弱性 New CWE-20
CWE-94
CWE-94
CVE-2025-14576 2026-05-7 11:30 2026-04-30 Show GitHub Exploit DB Packet Storm
255 6.4 警告
Local 		レッドハット OpenShift Update Service (OSUS) レッドハットのOpenShift Update Service (OSUS)における不適切なデフォルトパーミッションに関する脆弱性 New CWE-276
不適切なデフォルトパーミッション 		CVE-2025-57854 2026-05-7 11:30 2026-04-8 Show GitHub Exploit DB Packet Storm
256 5.4 警告
Network 		Wolters Kluwer Financial Services, Inc. LEX Baza Dokumentow Wolters Kluwer Financial Services, Inc.のLEX Baza Dokumentowにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-1493 2026-05-7 11:30 2026-04-30 Show GitHub Exploit DB Packet Storm
257 5.7 警告
Adjacent 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における入力確認に関する脆弱性 New CWE-20
CWE-noinfo
CVE-2026-20020 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
258 6.1 警告
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品におけるクロスサイトスクリプティングの脆弱性 New CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-20070 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
259 5.8 警告
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品におけるアクセス制御に関する脆弱性 New CWE-284
CWE-noinfo
CVE-2026-20073 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
260 7.7 重要
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における古典的バッファオーバーフローの脆弱性 New CWE-120
古典的バッファオーバーフロー 		CVE-2026-20100 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347251 - cisco catos Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. NVD-CWE-Other
CVE-2000-0267 2008-09-11 04:03 2000-04-20 Show GitHub Exploit DB Packet Storm
347252 - cisco ios
accesspath
as5200
as5300
as5800
system_controller_3640
voice_gateway_as5800
3660_router
7100_router
7200_router
7500_router
ubr7200 		Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. NVD-CWE-Other
CVE-2000-0268 2008-09-11 04:03 2000-04-20 Show GitHub Exploit DB Packet Storm
347253 - symantec pcanywhere PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt. NVD-CWE-Other
CVE-2000-0273 2008-09-11 04:03 2000-04-9 Show GitHub Exploit DB Packet Storm
347254 - cryptocard cryptoadmin CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN. NVD-CWE-Other
CVE-2000-0275 2008-09-11 04:03 2000-04-10 Show GitHub Exploit DB Packet Storm
347255 - saleslogix corporation_eviewer The SalesLogix Eviewer allows remote attackers to cause a denial of service by accessing the URL for the slxweb.dll administration program, which does not authenticate the user. NVD-CWE-Other
CVE-2000-0278 2008-09-11 04:03 2000-08-3 Show GitHub Exploit DB Packet Storm
347256 - be beos BeOS allows remote attackers to cause a denial of service via malformed packets whose length field is less than the length of the headers. NVD-CWE-Other
CVE-2000-0279 2008-09-11 04:03 2000-04-7 Show GitHub Exploit DB Packet Storm
347257 - talentsoft web\+ TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program. NVD-CWE-Other
CVE-2000-0282 2008-09-11 04:03 2000-04-12 Show GitHub Exploit DB Packet Storm
347258 - ibm aix dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges. NVD-CWE-Other
CVE-1999-1552 2008-09-11 04:02 1994-07-20 Show GitHub Exploit DB Packet Storm
347259 - nortel optivity_net_architect The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands. NVD-CWE-Other
CVE-2000-0009 2008-09-11 04:02 1999-12-29 Show GitHub Exploit DB Packet Storm
347260 - analogx simpleserver_www Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request. NVD-CWE-Other
CVE-2000-0011 2008-09-11 04:02 1999-12-31 Show GitHub Exploit DB Packet Storm