Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2661 6.3 警告
Network 		オラクル Oracle Life Sciences InForm オラクルのOracle Life Sciences InFormにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-34323 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
2662 6.5 警告
Network 		オラクル Oracle Life Sciences InForm オラクルのOracle Life Sciences InFormにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-34324 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
2663 6.8 警告
Local 		オラクル Oracle Financial Services Analytical Applications Infrastructure オラクルのOracle Financial Services Analytical Applications Infrastructureにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-34325 2026-04-27 11:22 2026-04-21 Show GitHub Exploit DB Packet Storm
2664 8.8 重要
Network 		jellyfin jellyfin jellyfinにおける複数の脆弱性 CWE-187
CWE-20
CWE-22
CVE-2026-35031 2026-04-27 11:22 2026-04-14 Show GitHub Exploit DB Packet Storm
2665 6.5 警告
Network 		jellyfin jellyfin jellyfinにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-35034 2026-04-27 11:22 2026-04-14 Show GitHub Exploit DB Packet Storm
2666 8.8 重要
Network 		Glances project Glances Nicolas Hennion (nicolargo)のGlancesにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-35587 2026-04-27 11:21 2026-04-21 Show GitHub Exploit DB Packet Storm
2667 9.3 緊急
Network 		nanobot nanobot nanobotにおける WebSocket でのオリジン検証の欠如に関する脆弱性 CWE-1385
WebSocket でのオリジン検証の欠如 		CVE-2026-35589 2026-04-27 11:21 2026-04-14 Show GitHub Exploit DB Packet Storm
2668 8.8 重要
Network 		webkul krayin crm webkulのkrayin crmにおける複数の脆弱性 CWE-269
CWE-639
CVE-2026-38529 2026-04-27 11:21 2026-04-14 Show GitHub Exploit DB Packet Storm
2669 8.1 重要
Network 		webkul krayin crm webkulのkrayin crmにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-38530 2026-04-27 11:21 2026-04-14 Show GitHub Exploit DB Packet Storm
2670 8.1 重要
Network 		webkul krayin crm webkulのkrayin crmにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-38532 2026-04-27 11:21 2026-04-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
316521 - - - Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-2804. Reason: This record is a duplicate of CVE-2023-2804. Notes: All CVE users should reference CVE-2023-2804 instead of this record… - CVE-2023-31813 2023-12-16 11:15 2023-12-16 Show GitHub Exploit DB Packet Storm
316522 - microsoft windows_embedded_compact WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. NVD-CWE-Other
CVE-2001-0162 2023-12-16 04:06 2001-01-1 Show GitHub Exploit DB Packet Storm
316523 - - - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. - CVE-2023-27171 2023-12-13 23:15 2023-12-13 Show GitHub Exploit DB Packet Storm
316524 - microsoft directx Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via… CWE-94
Code Injection 		CVE-2010-1880 2023-12-8 03:38 2010-06-9 Show GitHub Exploit DB Packet Storm
316525 - microsoft internet_explorer Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory… CWE-94
Code Injection 		CVE-2010-1262 2023-12-8 03:38 2010-06-9 Show GitHub Exploit DB Packet Storm
316526 - microsoft internet_explorer The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initializ… CWE-94
Code Injection 		CVE-2010-1261 2023-12-8 03:38 2010-06-9 Show GitHub Exploit DB Packet Storm
316527 - microsoft internet_explorer Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory… CWE-94
Code Injection 		CVE-2010-1259 2023-12-8 03:38 2010-06-9 Show GitHub Exploit DB Packet Storm
316528 - microsoft windows_2000
windows_xp
windows_2003_server
windows_vista
windows_server_2008
windows_7 		The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 allows local u… CWE-94
Code Injection 		CVE-2010-1255 2023-12-8 03:38 2010-06-9 Show GitHub Exploit DB Packet Storm
316529 - microsoft windows_xp
windows_2003_server
windows_vista
windows_server_2008
windows_7 		Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista… CWE-94
Code Injection 		CVE-2010-0811 2023-12-8 03:38 2010-06-9 Show GitHub Exploit DB Packet Storm
316530 - microsoft windows_2000
windows_xp
windows_2003_server
windows_vista
windows_server_2008
windows_7 		The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not proper… CWE-20
 Improper Input Validation  		CVE-2010-0485 2023-12-8 03:38 2010-06-9 Show GitHub Exploit DB Packet Storm