Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2801 9.8 緊急
Network 		CoreWeave marimo CoreWeaveのmarimoにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-39987 2026-04-27 11:27 2026-04-9 Show GitHub Exploit DB Packet Storm
2802 9.8 緊急
Network 		codefuture CF Image Hosting Script codefutureのCF Image Hosting Scriptにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2019-25709 2026-04-27 11:27 2026-04-12 Show GitHub Exploit DB Packet Storm
2803 9.8 緊急
Network 		ERLANG Erlang/Inets (Inets)
Erlang/OTP 		ERLANGのErlang/Inets (Inets)等の複数製品における不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-28808 2026-04-27 11:27 2026-04-7 Show GitHub Exploit DB Packet Storm
2804 6.1 警告
Network 		Dovestones Software Ltd AD Phonebook Dovestones Software LtdのAD Phonebookにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-31013 2026-04-27 11:27 2026-04-21 Show GitHub Exploit DB Packet Storm
2805 6.3 警告
Network 		Dovestones Software Ltd AD Self Update Dovestones Software LtdのAD Self Updateにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-31014 2026-04-27 11:27 2026-04-21 Show GitHub Exploit DB Packet Storm
2806 9.8 緊急
Network 		reconurge Flowsint reconurgeのFlowsintにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-32311 2026-04-27 11:27 2026-04-20 Show GitHub Exploit DB Packet Storm
2807 7.5 重要
Network 		freedom SecureDrop-Client freedomのSecureDrop-Clientにおける複数の脆弱性 CWE-36
CWE-73
CVE-2026-35465 2026-04-27 11:27 2026-04-18 Show GitHub Exploit DB Packet Storm
2808 8.4 重要
Local 		Gitlawb OpenClaude GitlawbのOpenClaudeにおける複数の脆弱性 CWE-22
CWE-284
CVE-2026-35570 2026-04-27 11:27 2026-04-21 Show GitHub Exploit DB Packet Storm
2809 8.8 重要
Network 		M1k1o Neko M1k1oのNekoにおける複数の脆弱性 CWE-20
CWE-269
CWE-284
CWE-639
CWE-862
CVE-2026-39386 2026-04-27 11:27 2026-04-21 Show GitHub Exploit DB Packet Storm
2810 8.8 重要
Network 		Lawnchair Lawnchair Lawnchairにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-39866 2026-04-27 11:27 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
316351 - tcpdump tcpdump TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read,… CWE-125
Out-of-bounds Read 		CVE-2004-0183 2024-02-16 05:53 2004-05-4 Show GitHub Exploit DB Packet Storm
316352 7.5 HIGH
Network 		linux
redhat 		linux_kernel
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_desktop
enterprise_linux_eus
virtualization 		A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that f… CWE-667
 Improper Locking 		CVE-2009-4272 2024-02-16 05:47 2010-01-28 Show GitHub Exploit DB Packet Storm
316353 7.5 HIGH
Network 		apache http_server Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "… CWE-667
 Improper Locking 		CVE-2004-0174 2024-02-16 05:37 2004-05-4 Show GitHub Exploit DB Packet Storm
316354 5.5 MEDIUM
Local 		microsoft windows_xp
windows_2000
windows_2003_server 		The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the… CWE-667
 Improper Locking 		CVE-2006-2374 2024-02-16 05:22 2006-06-14 Show GitHub Exploit DB Packet Storm
316355 7.5 HIGH
Network 		lksctp
canonical 		stream_control_transmission_protocol
ubuntu_linux 		Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quick… CWE-667
 Improper Locking 		CVE-2006-2275 2024-02-16 05:22 2006-05-10 Show GitHub Exploit DB Packet Storm
316356 5.5 MEDIUM
Local 		linux
debian 		linux_kernel
debian_linux 		The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a… CWE-667
 Improper Locking 		CVE-2005-3847 2024-02-16 05:22 2005-11-27 Show GitHub Exploit DB Packet Storm
316357 4.7 MEDIUM
Local 		linux
debian
canonical 		linux_kernel
debian_linux
ubuntu_linux 		Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a cor… CWE-667
 Improper Locking 		CVE-2005-3106 2024-02-16 05:19 2005-09-30 Show GitHub Exploit DB Packet Storm
316358 5.5 MEDIUM
Local 		image_processing_project image_processing A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information … CWE-212
 Improper Removal of Sensitive Information Before Storage or Transfer 		CVE-2005-0406 2024-02-16 05:19 2005-02-14 Show GitHub Exploit DB Packet Storm
316359 3.3 LOW
Local 		heysoft eventsave\+
eventsave 		Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does not check whether the log file can be written to, which allows attackers to prevent events from being recorded by opening the log… CWE-667
 Improper Locking 		CVE-2002-1869 2024-02-16 05:19 2002-12-31 Show GitHub Exploit DB Packet Storm
316360 5.5 MEDIUM
Local 		zonelabs
checkpoint 		zonealarm
zonealarm_pro 		ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting. CWE-667
 Improper Locking 		CVE-2001-0682 2024-02-16 05:19 2001-08-29 Show GitHub Exploit DB Packet Storm