Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2601	7.1	重要 Local	レッドハット gimp	Red Hat Enterprise Linux gimp	gimp等の複数ベンダの製品における境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-40917	2026-04-30 11:02	2026-04-15	Show	GitHub Exploit DB Packet Storm

2602	5.5	警告 Local	レッドハット gimp	Red Hat Enterprise Linux gimp	gimp等の複数ベンダの製品におけるバッファサイズの計算の誤りに関する脆弱性	CWE-131 正しくないバッファサイズ計算	CVE-2026-40918	2026-04-30 11:02	2026-04-15	Show	GitHub Exploit DB Packet Storm

2603	5.5	警告 Local	レッドハット gimp	Red Hat Enterprise Linux gimp	gimp等の複数ベンダの製品における境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-40919	2026-04-30 11:02	2026-04-15	Show	GitHub Exploit DB Packet Storm

2604	5.9	警告 Network	opentelemetry	opentelemetry	opentelemetryにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-41078	2026-04-30 11:02	2026-04-23	Show	GitHub Exploit DB Packet Storm

2605	6.5	警告 Network	Apache Software Foundation	Apache Storm	Apache Software FoundationのApache Stormにおける認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-41081	2026-04-30 11:02	2026-04-27	Show	GitHub Exploit DB Packet Storm

2606	7.5	重要 Network	SQLAlchemy	mako	SQLAlchemyのmakoにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-41205	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

2607	7.8	重要 Local	Tommaso Bona (ParzivalHack)	PySpector	Tommaso Bona (ParzivalHack)のPySpectorにおける不完全なブラックリストに関する脆弱性	CWE-184 不完全なブラックリスト	CVE-2026-41206	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

2608	6.1	警告 Network	cure53	DOMPurify	cure53のDOMPurifyにおける複数の脆弱性	CWE-183 CWE-79	CVE-2026-41240	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

2609	5.4	警告 Network	pretalx	pretalx	pretalxにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-41241	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

2610	8.1	重要 Network	Project Contour	Contour	Project ContourのContourにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41246	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
316861	7.5	HIGH Network	postgresql	postgresql	PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.	CWE-916 Use of Password Hash With Insufficient Computational Effort	CVE-2002-1657	2024-02-9 12:06	2002-12-31	Show	GitHub Exploit DB Packet Storm

316862	5.5	MEDIUM Local	busybox avaya	busybox message_networking aura_sip_enablement_services aura_application_enablement_services messaging_storage_server	BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.	CWE-916 Use of Password Hash With Insufficient Computational Effort	CVE-2006-1058	2024-02-9 12:05	2006-04-4	Show	GitHub Exploit DB Packet Storm

316863	6.1	MEDIUM Network	freescripts	visitorbook_le	FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site script…	CWE-346 Origin Validation Error	CVE-2003-0981	2024-02-9 11:53	2004-01-5	Show	GitHub Exploit DB Packet Storm

316864	7.5	HIGH Network	6tunnel_project	6tunnel	6tunnel 0.08 and earlier does not properly close sockets that were initiated by a client, which allows remote attackers to cause a denial of service (resource exhaustion) by repeatedly connecting to …	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2001-0830	2024-02-9 11:52	2001-12-6	Show	GitHub Exploit DB Packet Storm

316865	-		apache debian	http_server debian_linux	The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct X…	CWE-444 HTTP Request Smuggling	CVE-2005-2088	2024-02-9 11:40	2005-07-5	Show	GitHub Exploit DB Packet Storm

316866	-		microsoft	internet_information_services	Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chun…	CWE-444 HTTP Request Smuggling	CVE-2005-2089	2024-02-9 11:29	2005-07-5	Show	GitHub Exploit DB Packet Storm

316867	6.1	MEDIUM Network	blackboard	academic_suite	Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks…	CWE-601 Open Redirect	CVE-2005-4206	2024-02-9 11:28	2005-12-13	Show	GitHub Exploit DB Packet Storm

316868	5.5	MEDIUM Local	linux debian	linux_kernel debian_linux	Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code vi…	CWE-667 Improper Locking	CVE-2005-2456	2024-02-9 09:44	2005-08-4	Show	GitHub Exploit DB Packet Storm

316869	7.5	HIGH Network	apache	http_server	mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data …	CWE-667 Improper Locking	CVE-2002-1850	2024-02-9 09:29	2002-12-31	Show	GitHub Exploit DB Packet Storm

316870	-		openpkg libpng redhat trustix	openpkg libpng secure_linux enterprise_linux_desktop enterprise_linux	The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bou…	CWE-125 Out-of-bounds Read	CVE-2004-0421	2024-02-9 09:27	2004-08-18	Show	GitHub Exploit DB Packet Storm