Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2911	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-7359	2026-05-1 10:40	2026-04-28	Show	GitHub Exploit DB Packet Storm

2912	3.1	低 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-7360	2026-05-1 10:40	2026-04-28	Show	GitHub Exploit DB Packet Storm

2913	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-7361	2026-05-1 10:40	2026-04-28	Show	GitHub Exploit DB Packet Storm

2914	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-7363	2026-05-1 10:40	2026-04-28	Show	GitHub Exploit DB Packet Storm

2915	4.3	警告 Network	Timo Sirainen Open-Xchange	Dovecot Pro Dovecot	Timo Sirainen等の複数ベンダの製品における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2025-59031	2026-05-1 10:39	2026-03-27	Show	GitHub Exploit DB Packet Storm

2916	5.3	警告 Network	Timo Sirainen Open-Xchange	Dovecot Pro Dovecot	Timo Sirainen等の複数ベンダの製品におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-0394	2026-05-1 10:39	2026-03-27	Show	GitHub Exploit DB Packet Storm

2917	8.2	重要 Network	Timo Sirainen Open-Xchange	Dovecot Pro Dovecot	Timo Sirainen等の複数ベンダの製品におけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-24031	2026-05-1 10:39	2026-03-27	Show	GitHub Exploit DB Packet Storm

2918	5.9	警告 Network	Timo Sirainen Open-Xchange	Dovecot Pro Dovecot	Timo Sirainen等の複数ベンダの製品におけるCapture-replay による認証回避に関する脆弱性	CWE-294 Capture-replayによる認証回避	CVE-2026-27855	2026-05-1 10:39	2026-03-27	Show	GitHub Exploit DB Packet Storm

2919	5.9	警告 Network	Timo Sirainen Open-Xchange	Dovecot Pro Dovecot	Timo Sirainen等の複数ベンダの製品における認証に関する脆弱性	CWE-287 CWE-Other	CVE-2026-27856	2026-05-1 10:39	2026-03-27	Show	GitHub Exploit DB Packet Storm

2920	5.3	警告 Network	Timo Sirainen Open-Xchange	Dovecot Pro Dovecot	Timo Sirainen等の複数ベンダの製品におけるLDAP インジェクションの脆弱性	CWE-90 LDAP インジェクション	CVE-2026-27860	2026-05-1 10:39	2026-03-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347451	-	cpanel	cpanel	cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod arbitrary files via a symlink attack on the _private directory, which is created when Front Page extensions are enabled.	NVD-CWE-Other	CVE-2004-1604	2016-10-18 11:57	2004-09-30	Show	GitHub Exploit DB Packet Storm

347452	-	best_software saleslogix_corporation	saleslogix	SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2…	NVD-CWE-Other	CVE-2004-1610	2016-10-18 11:57	2004-10-18	Show	GitHub Exploit DB Packet Storm

347453	-	mozilla	mozilla	Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with …	NVD-CWE-Other	CVE-2004-1614	2016-10-18 11:57	2004-10-18	Show	GitHub Exploit DB Packet Storm

347454	-	w-agora	w-agora	list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter.	NVD-CWE-Other	CVE-2004-1565	2016-10-18 11:56	2004-12-31	Show	GitHub Exploit DB Packet Storm

347455	-	minihttpserver.net	web_forums_server	Directory traversal vulnerability in Web Forums Server 1.6 and 2.0 Power Pack allows remote attackers to read arbitrary files via a URL containing (1) "..\" (dot dot backslash), (2) "../" (dot dot sl…	NVD-CWE-Other	CVE-2004-1496	2016-10-18 11:55	2004-12-31	Show	GitHub Exploit DB Packet Storm

347456	-	-	-	Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, which allows local users to gain privileges.	NVD-CWE-Other	CVE-2004-1497	2016-10-18 11:55	2004-12-31	Show	GitHub Exploit DB Packet Storm

347457	-	webhost_automation	helm_control_panel	SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter.	NVD-CWE-Other	CVE-2004-1498	2016-10-18 11:55	2004-12-31	Show	GitHub Exploit DB Packet Storm

347458	-	jelsoft	vbulletin	SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL statements via the fsel parameter, as demonstrated using last.php.	NVD-CWE-Other	CVE-2004-1515	2016-10-18 11:55	2004-12-31	Show	GitHub Exploit DB Packet Storm

347459	-	new_media_generation	hired_team_trial	Hired Team: Trial 2.0 and earlier and 2.200 does not limit how game players can kick other players off the server, including the administrator.	NVD-CWE-Other	CVE-2004-1526	2016-10-18 11:55	2004-12-31	Show	GitHub Exploit DB Packet Storm

347460	-	mediawiki	mediawiki	MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary c…	NVD-CWE-Other	CVE-2004-1405	2016-10-18 11:54	2004-12-31	Show	GitHub Exploit DB Packet Storm