Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2701	8.8	重要 Network	Intermesh	Group-Office	Intermesh BVのGroup-OfficeにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-33755	2026-04-21 10:48	2026-03-27	Show	GitHub Exploit DB Packet Storm

2702	7.5	重要 Network	saleor	saleor	saleorにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-33756	2026-04-21 10:48	2026-04-8	Show	GitHub Exploit DB Packet Storm

2703	3.7	低 Network	Apostrophe Technologies	ApostropheCMS	Apostrophe TechnologiesのApostropheCMSにおけるタイミングの違いに起因する情報漏えいに関する脆弱性	CWE-208 タイミングの違いに起因する情報漏えい	CVE-2026-33877	2026-04-21 10:48	2026-04-15	Show	GitHub Exploit DB Packet Storm

2704	5.3	警告 Network	Apostrophe Technologies	ApostropheCMS	Apostrophe TechnologiesのApostropheCMSにおける複数の脆弱性	CWE-200 CWE-863	CVE-2026-33888	2026-04-21 10:48	2026-04-15	Show	GitHub Exploit DB Packet Storm

2705	5.4	警告 Network	Apostrophe Technologies	ApostropheCMS	Apostrophe TechnologiesのApostropheCMSにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-33889	2026-04-21 10:48	2026-04-15	Show	GitHub Exploit DB Packet Storm

2706	6.5	警告 Adjacent	Ellanetworks	Ella Core	EllanetworksのElla CoreにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-33903	2026-04-21 10:48	2026-03-27	Show	GitHub Exploit DB Packet Storm

2707	6.5	警告 Adjacent	Ellanetworks	Ella Core	EllanetworksのElla Coreにおけるデッドロックに関する脆弱性	CWE-833 デッドロック	CVE-2026-33904	2026-04-21 10:48	2026-03-27	Show	GitHub Exploit DB Packet Storm

2708	7.2	重要 Network	Ellanetworks	Ella Core	EllanetworksのElla Coreにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-33906	2026-04-21 10:48	2026-03-27	Show	GitHub Exploit DB Packet Storm

2709	6.5	警告 Adjacent	Ellanetworks	Ella Core	EllanetworksのElla CoreにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-33907	2026-04-21 10:48	2026-03-27	Show	GitHub Exploit DB Packet Storm

2710	4.3	警告 Network	Apache Software Foundation	PDFBox	Apache Software FoundationのPDFBoxにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-33929	2026-04-21 10:48	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348781	-	astaro	security_linux	Unspecified "PPTP Remote DoS Vulnerability" in Astaro Security Linux 4.027 allows attackers to cause a denial of service.	NVD-CWE-Other	CVE-2005-3100	2008-09-6 05:53	2005-09-29	Show	GitHub Exploit DB Packet Storm

348782	-	six_apart	movable_type	The password reset feature in Movable Type before 3.2 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames.	NVD-CWE-Other	CVE-2005-3101	2008-09-6 05:53	2005-09-29	Show	GitHub Exploit DB Packet Storm

348783	-	-	-	The administrative interface in Movable Type allows attackers to upload files with arbitrary extensions under the web root.	NVD-CWE-Other	CVE-2005-3102	2008-09-6 05:53	2005-09-29	Show	GitHub Exploit DB Packet Storm

348784	-	six_apart	movable_type	Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 allows remote attackers to inject arbitrary web script or HTML via the (1) title, (2) category, (3) body, (4) extended body, and (5…	NVD-CWE-Other	CVE-2005-3103	2008-09-6 05:53	2005-09-29	Show	GitHub Exploit DB Packet Storm

348785	-	six_apart	movable_type	mt-comments.cgi in Movable Type before 3.2 allows attackers to redirect users to other web sites via URLs in comments.	NVD-CWE-Other	CVE-2005-3104	2008-09-6 05:53	2005-09-29	Show	GitHub Exploit DB Packet Storm

348786	-	macromedia	breeze	The "reset password" feature in Macromedia Breeze 5.0 stores passwords in plaintext in the database instead of the hash, which allows attackers with access to the database to obtain the passwords.	NVD-CWE-Other	CVE-2005-3112	2008-09-6 05:53	2005-09-30	Show	GitHub Exploit DB Packet Storm

348787	-	mpeg-tools	mpeg-tools	mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, which allows local users to overwrite arbitrary files via (1) ts.stat, (2) ts.mpg, (3) foobar, (4) blockbar, or (5) foobar[NNN].	NVD-CWE-Other	CVE-2005-3115	2008-09-6 05:53	2005-10-1	Show	GitHub Exploit DB Packet Storm

348788	-	eduard_bloch	module-assistant	A rule file in module-assistant before 0.9.10 causes a temporary file to be created insecurely, which allows local users to conduct unauthorized operations.	NVD-CWE-Other	CVE-2005-3121	2008-09-6 05:53	2005-10-21	Show	GitHub Exploit DB Packet Storm

348789	-	4d	webstar	Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2.	NVD-CWE-Other	CVE-2005-3143	2008-09-6 05:53	2005-10-6	Show	GitHub Exploit DB Packet Storm

348790	-	standards_based_linux_instrumentation	sblim-sfcb	httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service via long HTTP headers.	NVD-CWE-Other	CVE-2005-3144	2008-09-6 05:53	2005-10-6	Show	GitHub Exploit DB Packet Storm