Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2621 9.9 緊急
Network 		traefik traefik traefikにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-44774 2026-05-21 10:51 2026-05-15 Show GitHub Exploit DB Packet Storm
2622 6.5 警告
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-45187 2026-05-21 10:50 2026-05-19 Show GitHub Exploit DB Packet Storm
2623 5.4 警告
Network 		openwebui open webui openwebuiのopen webuiにおける動的に決定されたオブジェクト属性の不適切に制御された変更に関する脆弱性 CWE-915
動的に決定されたオブジェクト属性の不適切に制御された変更 		CVE-2026-45396 2026-05-21 10:50 2026-05-15 Show GitHub Exploit DB Packet Storm
2624 5.3 警告
Network 		openwebui open webui openwebuiのopen webuiにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-45397 2026-05-21 10:50 2026-05-15 Show GitHub Exploit DB Packet Storm
2625 7.5 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-45398 2026-05-21 10:50 2026-05-15 Show GitHub Exploit DB Packet Storm
2626 8.5 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-45400 2026-05-21 10:50 2026-05-15 Show GitHub Exploit DB Packet Storm
2627 8.5 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-45401 2026-05-21 10:50 2026-05-15 Show GitHub Exploit DB Packet Storm
2628 8.8 重要
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-45434 2026-05-21 10:50 2026-05-19 Show GitHub Exploit DB Packet Storm
2629 5.4 警告
Network 		Outlook.com Microsoft Edge Chromium Microsoft Edge (Chrome ベース) のセキュリティ機能のバイパスの脆弱性 CWE-20
CWE-noinfo
CVE-2026-45492 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
2630 6.1 警告
Network 		Outlook.com Microsoft Edge Chromium Microsoft Edge (Chromium ベース) のなりすましの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-45494 2026-05-21 10:50 2026-05-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345361 - china-on-site flexphpnews SQL injection vulnerability in news.php in FlexPHPNews 0.0.3 allows remote attackers to execute arbitrary SQL commands via the newsid parameter. NVD-CWE-Other
CVE-2005-1237 2017-10-11 10:30 2005-05-2 Show GitHub Exploit DB Packet Storm
345362 - apple itunes Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a crafted MPEG4 file. NVD-CWE-Other
CVE-2005-1248 2017-10-11 10:30 2005-05-16 Show GitHub Exploit DB Packet Storm
345363 - graphicsmagick
imagemagick 		graphicsmagick
imagemagick 		Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small… NVD-CWE-Other
CVE-2005-1275 2017-10-11 10:30 2005-04-25 Show GitHub Exploit DB Packet Storm
345364 - squid squid Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by th… NVD-CWE-Other
CVE-2005-1345 2017-10-11 10:30 2005-05-2 Show GitHub Exploit DB Packet Storm
345365 - - - Uapplication Ublog Reload stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2005-1426 2017-10-11 10:30 2005-05-3 Show GitHub Exploit DB Packet Storm
345366 - gnu gnutls The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c. NVD-CWE-Other
CVE-2005-1431 2017-10-11 10:30 2005-05-3 Show GitHub Exploit DB Packet Storm
345367 - freeradius freeradius SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership… NVD-CWE-Other
CVE-2005-1454 2017-10-11 10:30 2005-05-19 Show GitHub Exploit DB Packet Storm
345368 - freeradius freeradius Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash). NVD-CWE-Other
CVE-2005-1455 2017-10-11 10:30 2005-05-19 Show GitHub Exploit DB Packet Storm
345369 - mozilla firefox Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript in other domains by using an IFRAME and causing the browser to navigate to a previous javascript: URL, which can lead to arbitrar… NVD-CWE-Other
CVE-2005-1476 2017-10-11 10:30 2005-05-9 Show GitHub Exploit DB Packet Storm
345370 - mozilla firefox The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, lead… NVD-CWE-Other
CVE-2005-1477 2017-10-11 10:30 2005-05-9 Show GitHub Exploit DB Packet Storm