Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3501	7.5	重要 Network	joinmastodon	Mastodon	joinmastodonのMastodonにおける行動ワークフローに関する脆弱性	CWE-841 行動ワークフローの不適切な実施	CVE-2026-41259	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3502	9.1	緊急 Network	dgraph	dgraph	dgraphにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性	CWE-943 データクエリロジックの特殊要素の不適切な中立化	CVE-2026-41327	2026-04-30 11:01	2026-04-24	Show	GitHub Exploit DB Packet Storm

3503	9.1	緊急 Network	dgraph	dgraph	dgraphにおけるデータクエリロジックの特殊要素の不適切な中立化に関する脆弱性	CWE-943 データクエリロジックの特殊要素の不適切な中立化	CVE-2026-41328	2026-04-30 11:01	2026-04-24	Show	GitHub Exploit DB Packet Storm

3504	3.7	低 Network	OpenClaw	OpenClaw	OpenClawにおけるインタラクション頻度の制御に関する脆弱性	CWE-799 インタラクション頻度の不適切な制御	CVE-2026-41333	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3505	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおける安全でない失敗処理に関する脆弱性	CWE-636 安全でない失敗処理	CVE-2026-41334	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3506	5.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性	CWE-497 認可されていない制御領域への重要情報の漏えい	CVE-2026-41335	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3507	7.8	重要 Local	OpenClaw	OpenClaw	OpenClawにおける信頼できない制御領域からの機能の組み込みに関する脆弱性	CWE-829 信頼性のない制御領域からの機能の組み込み	CVE-2026-41336	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3508	5.3	警告 Network	OpenClaw	OpenClaw	OpenClawにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-41337	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3509	5	警告 Local	OpenClaw	OpenClaw	OpenClawにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-41338	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

3510	6.5	警告 Network	OpenClaw	OpenClaw	OpenClawにおける不完全な内部状態の区別に関する脆弱性	CWE-372 不完全な内部状態の区別	CVE-2026-41340	2026-04-30 11:01	2026-04-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348731	-	iatek	portalapp	Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter.	NVD-CWE-Other	CVE-2005-4482	2013-07-18 22:37	2005-12-22	Show	GitHub Exploit DB Packet Storm

348732	-	speartek	speartek	Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.	NVD-CWE-Other	CVE-2005-4493	2013-07-17 23:41	2005-12-22	Show	GitHub Exploit DB Packet Storm

348733	-	osticket	osticket	Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to …	NVD-CWE-Other	CVE-2005-1436	2013-07-14 13:38	2005-05-3	Show	GitHub Exploit DB Packet Storm

348734	-	symantec	discovery on_command_discovery	The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain …	NVD-CWE-Other	CVE-2005-3316	2013-07-7 13:45	2005-10-27	Show	GitHub Exploit DB Packet Storm

348735	-	onlinetechtools.com	owos_lite	SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter.	NVD-CWE-Other	CVE-2005-3852	2013-07-3 23:48	2005-11-27	Show	GitHub Exploit DB Packet Storm

348736	-	vmware	workstation player ace server fusion	The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Pl…	CWE-200 Information Exposure	CVE-2010-1138	2013-05-15 12:07	2010-04-13	Show	GitHub Exploit DB Packet Storm

348737	-	vmware	workstation player server fusion vix_api	Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VM…	CWE-134 Use of Externally-Controlled Format String	CVE-2010-1139	2013-05-15 12:07	2010-04-13	Show	GitHub Exploit DB Packet Storm

348738	-	vmware	workstation player	The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse p…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-1140	2013-05-15 12:07	2010-04-13	Show	GitHub Exploit DB Packet Storm

348739	-	vmware	workstation player ace server fusion esxi esx	VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-1142	2013-05-15 12:07	2010-04-13	Show	GitHub Exploit DB Packet Storm

348740	-	apple	cups	The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, w…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-0393	2013-05-15 12:06	2010-03-6	Show	GitHub Exploit DB Packet Storm