Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2711	6.3	警告 Network	neutrinolabs	xrdp	neutrinolabsのxrdpにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-33145	2026-04-28 10:13	2026-04-17	Show	GitHub Exploit DB Packet Storm

2712	9.1	緊急 Network	neutrinolabs	xrdp	neutrinolabsのxrdpにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-33516	2026-04-28 10:13	2026-04-17	Show	GitHub Exploit DB Packet Storm

2713	9.1	緊急 Network	neutrinolabs	xrdp	neutrinolabsのxrdpにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-33689	2026-04-28 10:13	2026-04-17	Show	GitHub Exploit DB Packet Storm

2714	2.9	低 Local	オラクル	Oracle GraalVM for JDK Oracle GraalVM JRE JDK	オラクルのOracle GraalVM等の複数製品における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-34268	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

2715	9.8	緊急 Network	オラクル	Oracle Advanced Inbound Telephony	オラクルのOracle Advanced Inbound Telephonyにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-34275	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

2716	7.5	重要 Network	オラクル	Oracle GraalVM for JDK Oracle GraalVM JRE JDK	オラクルのOracle GraalVM等の複数製品におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-34282	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

2717	2.4	低 Network	オラクル	Oracle Database	オラクルのOracle Databaseにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-34312	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

2718	5.3	警告 Network	Electron	electron	Electronのelectronにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-34776	2026-04-28 10:13	2026-04-4	Show	GitHub Exploit DB Packet Storm

2719	5.4	警告 Network	オラクル	Oracle Fusion Middleware	オラクルのOracle Fusion Middlewareにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35232	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

2720	6.4	警告 Network	オラクル	Oracle Fusion Middleware	オラクルのOracle Fusion Middlewareにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35252	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
316841	-		openbsd	openbsd	PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default …	CWE-203 Information Exposure Through Discrepancy	CVE-2002-0514	2024-02-15 00:07	2002-08-12	Show	GitHub Exploit DB Packet Storm

316842	-		phildev	ipfilter	IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs.	CWE-203 Information Exposure Through Discrepancy	CVE-2002-0515	2024-02-15 00:07	2002-08-12	Show	GitHub Exploit DB Packet Storm

316843	-		network.associates	pgpfire	PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire.	CWE-203 Information Exposure Through Discrepancy	CVE-2002-0208	2024-02-15 00:00	2002-05-16	Show	GitHub Exploit DB Packet Storm

316844	-		woppoware	postmaster	The web mail service in Woppoware PostMaster 4.2.2 (build 3.2.5) generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernam…	CWE-203 Information Exposure Through Discrepancy	CVE-2005-1650	2024-02-14 23:43	2005-05-18	Show	GitHub Exploit DB Packet Storm

316845	-		yabbforumsoftware	yet_another_bulletin_board	YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it easier for remote attackers to identify valid users and conduct a brute force password guessing attack.	CWE-203 Information Exposure Through Discrepancy	CVE-2004-0294	2024-02-14 23:32	2004-11-23	Show	GitHub Exploit DB Packet Storm

316846	-		ibm	aix	AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.	CWE-203 Information Exposure Through Discrepancy	CVE-2004-0243	2024-02-14 23:30	2004-11-23	Show	GitHub Exploit DB Packet Storm

316847	5.5	MEDIUM Local	-	-	Rejected reason: Do not use this CVE as it is duplicate of CVE-2023-6932	-	CVE-2024-0584	2024-02-14 15:15	2024-01-16	Show	GitHub Exploit DB Packet Storm

316848	7.8	HIGH Local	-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2023-42915	2024-02-14 12:15	2024-01-23	Show	GitHub Exploit DB Packet Storm

316849	-		jvehicles	com_jvehicles	SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlist…	CWE-89 SQL Injection	CVE-2010-1873	2024-02-14 10:17	2010-05-12	Show	GitHub Exploit DB Packet Storm

316850	-		vmware	player ace workstation server	VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 bef…	CWE-134 Use of Externally-Controlled Format String	CVE-2009-4811	2024-02-14 10:17	2010-04-28	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed