Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3001	6.3	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35360	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

3002	5.6	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-35363	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

3003	6.3	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-35364	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

3004	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける重要なリソースに対する不適切なパーミッションの割り当てに関する脆弱性	CWE-732 重要なリソースに対する不適切なパーミッションの割り当て	CVE-2026-35367	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

3005	7.8	重要 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける信頼できない検索パスに関する脆弱性	CWE-426 信頼性のない検索パス	CVE-2026-35368	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

3006	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-35377	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

3007	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける指定された機能の不適切な提供に関する脆弱性	CWE-684 指定された機能の不適切な提供	CVE-2026-35381	2026-04-27 11:17	2026-04-22	Show	GitHub Exploit DB Packet Storm

3008	5.4	警告 Network	Papra	Papra	Papraにおける複数の脆弱性	CWE-79 CWE-80	CVE-2026-35460	2026-04-27 11:17	2026-04-7	Show	GitHub Exploit DB Packet Storm

3009	4.3	警告 Network	Papra	Papra	Papraにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-35461	2026-04-27 11:17	2026-04-7	Show	GitHub Exploit DB Packet Storm

3010	4.3	警告 Network	Papra	Papra	Papraにおけるセッション期限に関する脆弱性	CWE-613 不適切なセッション期限	CVE-2026-35462	2026-04-27 11:17	2026-04-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
352151	-	ibm	tivoli_storage_manager	Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (…	NVD-CWE-Other	CVE-2002-0541	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

352152	-	aprelium_technologies	abyss_web_server	Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (…	NVD-CWE-Other	CVE-2002-0543	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

352153	-	aprelium_technologies	abyss_web_server	Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.	NVD-CWE-Other	CVE-2002-0544	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

352154	-	cisco	aironet_ap340 aironet_ap350	Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords.	NVD-CWE-Other	CVE-2002-0545	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

352155	-	nullsoft	winamp	Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file.	NVD-CWE-Other	CVE-2002-0546	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

352156	-	nullsoft	winamp	Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field o…	NVD-CWE-Other	CVE-2002-0547	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

352157	-	anthill	anthill	Anthill allows remote attackers to bypass authentication and file bug reports by directly accessing the postbug.php program instead of enterbug.php.	NVD-CWE-Other	CVE-2002-0548	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

352158	-	anthill	anthill	Cross-site scripting vulnerabilities in Anthill allow remote attackers to execute script as other Anthill users.	NVD-CWE-Other	CVE-2002-0549	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

352159	-	gcf	dynamic_guestbook	Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary code via shell metacharacters in the gbdaten parameter.	NVD-CWE-Other	CVE-2002-0550	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm

352160	-	gcf	dynamic_guestbook	Cross-site scripting vulnerability in Dynamic Guestbook 3.0 allows remote attackers to execute code in clients who access guestbook pages via the parameters (1) name, (2) mail, or (3) kommentar.	NVD-CWE-Other	CVE-2002-0551	2008-09-6 05:28	2002-07-3	Show	GitHub Exploit DB Packet Storm