Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2781	7.5	重要 Network	Eaton	Intelligent Power Protector	EatonのIntelligent Power Protectorにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2026-22616	2026-04-24 11:33	2026-04-16	Show	GitHub Exploit DB Packet Storm

2782	7.4	重要 Network	Eaton	Intelligent Power Protector	EatonのIntelligent Power ProtectorにおけるHTTPS セッション内の Secure 属性がない重要な Cookie に関する脆弱性	CWE-614 HTTPS セッション内の Secure 属性がない重要な Cookie	CVE-2026-22617	2026-04-24 11:33	2026-04-16	Show	GitHub Exploit DB Packet Storm

2783	7.1	重要 Network	Eaton	Intelligent Power Protector	EatonのIntelligent Power Protectorにおけるセキュリティチェックに関する脆弱性	CWE-358 不適切に実装されたセキュリティチェック	CVE-2026-22618	2026-04-24 11:33	2026-04-16	Show	GitHub Exploit DB Packet Storm

2784	9.9	緊急 Network	Eaton	Intelligent Power Protector	EatonのIntelligent Power Protectorにおける制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2026-22619	2026-04-24 11:33	2026-04-16	Show	GitHub Exploit DB Packet Storm

2785	8.1	重要 Network	VMware	Spring Boot	VMwareのSpring Bootにおける代替パスまたはチャネルを使用した認証回避に関する脆弱性	CWE-288 代替パスまたはチャネルを使用した認証回避	CVE-2026-22733	2026-04-24 11:33	2026-03-20	Show	GitHub Exploit DB Packet Storm

2786	2.6	低 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるリソースのロックに関する脆弱性	CWE-667 不適切なロック	CVE-2026-22735	2026-04-24 11:33	2026-03-20	Show	GitHub Exploit DB Packet Storm

2787	5.9	警告 Network	VMware	Spring Framework	VMwareのSpring Frameworkにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-22737	2026-04-24 11:33	2026-03-20	Show	GitHub Exploit DB Packet Storm

2788	7.2	重要 Network	デル	PowerProtect DP Series Appliance data domain operating system	デルのdata domain operating system等の複数製品におけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-23774	2026-04-24 11:33	2026-04-20	Show	GitHub Exploit DB Packet Storm

2789	8.7	重要 Network	decidim	decidim	Decidim Free Software AssociationのDecidimにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23891	2026-04-24 11:33	2026-04-13	Show	GitHub Exploit DB Packet Storm

2790	4.9	警告 Network	OctoberCMS	October	OctoberCMSのOctoberにおける複数の脆弱性	CWE-200 CWE-94	CVE-2026-25125	2026-04-24 11:33	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348681	-	f-art_agency punbb	blog_cms punbb	PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepre…	NVD-CWE-Other	CVE-2005-4687	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

348682	-	punbb	punbb	PunBB 1.2.9 does not require password entry when changing the e-mail address in an account's profile, which might allow an attacker to make an address change via a hijacked login session.	NVD-CWE-Other	CVE-2005-4688	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

348683	-	-	-	Six Apart Movable Type 3.16 stores account names and password hashes in a cookie, which allows remote attackers to login to an account by sniffing the cookie.	NVD-CWE-Other	CVE-2005-4689	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

348684	-	six_apart	movable_type	Six Apart Movable Type 3.16 allows local users with blog-creation privileges to create or overwrite arbitrary files of certain types (such as HTML and image files) by selecting an arbitrary directory…	NVD-CWE-Other	CVE-2005-4690	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

348685	-	netbsd	netbsd	imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack …	NVD-CWE-Other	CVE-2005-4691	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

348686	-	mroovca	mroovca_stats	Unspecified vulnerability in mroovca stats (mroovcastats) before 0.4.5b has unknown attack vectors and impact, related to cookies.	NVD-CWE-Other	CVE-2005-4692	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

348687	-	gaim-encryption	gaim-encryption	Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to cause a denial of service (crash) via a crafted message from an ICQ buddy, possibly involving the GE_received_key function in keys.c.	NVD-CWE-Other	CVE-2005-4693	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

348688	-	ipbproarcade	ipbproarcade	SQL injection vulnerability in the favorites module in index.php in IPBProArcade 2.5.2 allows remote attackers to inject arbitrary SQL commands via the gameid parameter. NOTE: the provenance of this…	NVD-CWE-Other	CVE-2005-4702	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

348689	-	bea	weblogic_server	Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 through SP3, 7.0 through SP6, and 6.1 through SP7, when SSL is intended to be used, causes an unencrypted protocol to be used…	NVD-CWE-Other	CVE-2005-4704	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm

348690	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7, when a Java client application creates an SSL connection to the server after it has already created an …	NVD-CWE-Other	CVE-2005-4705	2008-09-6 05:57	2005-12-31	Show	GitHub Exploit DB Packet Storm