Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2591	6.3	警告 Local	Glances project	Glances	Nicolas Hennion (nicolargo)のGlancesにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-35588	2026-04-24 11:42	2026-04-21	Show	GitHub Exploit DB Packet Storm

2592	7.3	重要 Local	Anthropic PBC	Claude Code	Anthropic PBCのClaude Codeにおける信頼できない検索パスに関する脆弱性	CWE-426 信頼性のない検索パス	CVE-2026-35603	2026-04-24 11:42	2026-04-17	Show	GitHub Exploit DB Packet Storm

2593	6.5	警告 Network	Mattermost, Inc.	Mattermost Server	Mattermost, Inc.のMattermost ServerにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-3590	2026-04-24 11:42	2026-04-15	Show	GitHub Exploit DB Packet Storm

2594	6.5	警告 Network	WWBN	AVideo	WWBNのAVideoにおけるデータの信頼性についての不十分な検証に関する脆弱性	CWE-345 データの信頼性についての不十分な検証	CVE-2026-39366	2026-04-24 11:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

2595	5.4	警告 Network	WWBN	AVideo	WWBNのAVideoにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-39367	2026-04-24 11:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

2596	6.5	警告 Network	WWBN	AVideo	WWBNのAVideoにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-39368	2026-04-24 11:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

2597	7.6	重要 Network	WWBN	AVideo	WWBNのAVideoにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-39369	2026-04-24 11:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

2598	7.1	重要 Network	WWBN	AVideo	WWBNのAVideoにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-39370	2026-04-24 11:42	2026-04-7	Show	GitHub Exploit DB Packet Storm

2599	7.8	重要 Local	Vim	Vim	Vimにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-39881	2026-04-24 11:42	2026-04-8	Show	GitHub Exploit DB Packet Storm

2600	5.3	警告 Network	OpenEXR	OpenEXR	OpenEXRにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-39886	2026-04-24 11:42	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
315261	-	-	-	Directory traversal vulnerability in Nexgen FTP Server before 2.2.3.23 allows remote authenticated users to read or list arbitrary files via "C:" sequences in the (1) RETR (get), (2) NLST (ls), (3) L…	NVD-CWE-Other	CVE-2004-2488	2024-02-14 10:17	2004-12-31	Show	GitHub Exploit DB Packet Storm

315262	-	leigh_business_enterprises	web_helpdesk	SQL injection vulnerability in jobedit.asp in Leigh Business Enterprises (LBE) Web Helpdesk before 4.0.0.81 allows remote attackers to execute arbitrary SQL commands via the id parameter.	NVD-CWE-Other	CVE-2004-2562	2024-02-14 10:17	2004-12-31	Show	GitHub Exploit DB Packet Storm

315263	-	sco	openserver	Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program.	NVD-CWE-Other	CVE-2004-0510	2024-02-14 10:17	2004-12-23	Show	GitHub Exploit DB Packet Storm

315264	-	ethereal_group conectiva sgi redhat suse debian altlinux	ethereal linux propack enterprise_linux suse_linux enterprise_linux_desktop debian_linux linux_advanced_workstation alt_linux	Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).	NVD-CWE-Other	CVE-2004-1139	2024-02-14 10:17	2004-12-15	Show	GitHub Exploit DB Packet Storm

315265	-	ethereal_group conectiva sgi redhat suse debian altlinux	ethereal linux propack enterprise_linux suse_linux enterprise_linux_desktop debian_linux linux_advanced_workstation alt_linux	Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.	NVD-CWE-Other	CVE-2004-1142	2024-02-14 10:17	2004-12-15	Show	GitHub Exploit DB Packet Storm

315266	-	linux redhat	linux_kernel fedora_core linux	Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a …	NVD-CWE-Other	CVE-2004-1333	2024-02-14 10:17	2004-12-15	Show	GitHub Exploit DB Packet Storm

315267	-	-	-	Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a bu…	NVD-CWE-Other	CVE-2004-1334	2024-02-14 10:17	2004-12-15	Show	GitHub Exploit DB Packet Storm

315268	-	linux redhat	linux_kernel fedora_core linux	Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.	NVD-CWE-Other	CVE-2004-1335	2024-02-14 10:17	2004-12-15	Show	GitHub Exploit DB Packet Storm

315269	-	ethereal_group redhat mandrakesoft gentoo	ethereal enterprise_linux linux_advanced_workstation mandrake_linux linux	The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.	NVD-CWE-Other	CVE-2004-0633	2024-02-14 10:17	2004-12-6	Show	GitHub Exploit DB Packet Storm

315270	-	ethereal_group redhat mandrakesoft gentoo	ethereal enterprise_linux linux_advanced_workstation mandrake_linux linux	The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.	NVD-CWE-Other	CVE-2004-0634	2024-02-14 10:17	2004-12-6	Show	GitHub Exploit DB Packet Storm