Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 16, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2721 7.3 重要
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-35338 2026-04-28 10:13 2026-04-22 Show GitHub Exploit DB Packet Storm
2722 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるUnicode エンコーディングの処理に関する脆弱性 CWE-176
Unicode エンコーディングの不適切な処理 		CVE-2026-35346 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2723 4.4 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-35347 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2724 7.7 重要
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるリンク解釈に関する脆弱性 CWE-59
リンク解釈の問題 		CVE-2026-35349 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2725 4.2 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるパーミッションの不適切な保持に関する脆弱性 CWE-281
パーミッションの不適切な保持 		CVE-2026-35351 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2726 3.3
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35353 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2727 6.3 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35355 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2728 6.3 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35356 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2729 4.4 警告
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおける複数の脆弱性 CWE-281
CWE-459
CVE-2026-35361 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
2730 3.6
Local 		Uutils uutils coreutils Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-35362 2026-04-28 10:12 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
316531 - trend_micro pc-cillin_2006 Trend Micro PC-cillin Internet Security 2006 14.00.1485 and 14.10.0.1023, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying executable programs s… NVD-CWE-Other
CVE-2006-1379 2024-02-14 10:17 2006-03-24 Show GitHub Exploit DB Packet Storm
316532 - trendmicro interscan_messaging_security_suite ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite (IMSS) 5.5 build 1183 and possibly other versions before 5.7.0.1121, uses insecure DACLs for critical files, which allows local us… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2006-1380 2024-02-14 10:17 2006-03-24 Show GitHub Exploit DB Packet Storm
316533 - trend_micro officescan Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe. NVD-CWE-Other
CVE-2006-1381 2024-02-14 10:17 2006-03-24 Show GitHub Exploit DB Packet Storm
316534 - glftpd glftpd Unspecified vulnerability in glFTPd before 2.01 RC5 allows remote attackers to bypass IP checks via a crafted DNS hostname, possibly a hostname that appears to be an IP address. NVD-CWE-Other
CVE-2006-1253 2024-02-14 10:17 2006-03-19 Show GitHub Exploit DB Packet Storm
316535 - jcink.com textfilebb Multiple cross-site scripting (XSS) vulnerabilities in textfileBB 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mess and (2) user parameters in messanger.p… NVD-CWE-Other
CVE-2006-1202 2024-02-14 10:17 2006-03-14 Show GitHub Exploit DB Packet Storm
316536 - sergey_korostel php_upload_center PHP Upload Center stores password hashes under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for the upload/users/[U… NVD-CWE-Other
CVE-2006-1207 2024-02-14 10:17 2006-03-14 Show GitHub Exploit DB Packet Storm
316537 - sergey_korostel php_upload_center Sergey Korostel PHP Upload Center allows remote attackers to execute arbitrary PHP code by uploading a file whose name ends in a .php.li extension, which can be accessed from the upload directory. NVD-CWE-Other
CVE-2006-1208 2024-02-14 10:17 2006-03-14 Show GitHub Exploit DB Packet Storm
316538 - bugada_andrea php_advanced_transfer_manager PHP Advanced Transfer Manager 1.00 through 1.30 stores sensitive information, including password hashes, under the web root with insufficient access control, which allows remote attackers to download… NVD-CWE-Other
CVE-2006-1209 2024-02-14 10:17 2006-03-14 Show GitHub Exploit DB Packet Storm
316539 - nmdeluxe nmdeluxe Cross-site scripting (XSS) vulnerability in news.php in NMDeluxe before 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the nick parameter. NVD-CWE-Other
CVE-2006-1107 2024-02-14 10:17 2006-03-9 Show GitHub Exploit DB Packet Storm
316540 - nmdeluxe nmdeluxe SQL injection vulnerability in news.php in NMDeluxe before 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. NVD-CWE-Other
CVE-2006-1108 2024-02-14 10:17 2006-03-9 Show GitHub Exploit DB Packet Storm