Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 12:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3521 7.5 重要
Network 		The Prosody Team Prosody The Prosody TeamのProsodyにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-43507 2026-05-7 11:59 2026-05-1 Show GitHub Exploit DB Packet Storm
3522 7.5 重要
Network 		Debian
GStreamer
レッドハット		 GStreamer
Debian GNU/Linux
Red Hat Enterprise Linux
GStreamer Good Plug-ins 		Debian等の複数ベンダの製品における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-1940 2026-05-7 11:31 2026-03-23 Show GitHub Exploit DB Packet Storm
3523 9.8 緊急
Network 		OPPO ColorOS Assistant OPPOのColorOS Assistantにおける複数の脆弱性 CWE-22
CWE-23
CVE-2026-22070 2026-05-7 11:31 2026-04-30 Show GitHub Exploit DB Packet Storm
3524 8.8 重要
Network 		GeoVision GV-LPC2211 Firmware
GV-LPC2011 Firmware 		GeoVisionのGV-LPC2011 Firmware等の複数製品におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-42364 2026-05-7 11:31 2026-05-4 Show GitHub Exploit DB Packet Storm
3525 7.5 重要
Network 		GeoVision GV-LPC2211 Firmware
GV-LPC2011 Firmware 		GeoVisionのGV-LPC2011 Firmware等の複数製品における観測された状態からの推測に関する脆弱性 CWE-341
観測された状態からの推測 		CVE-2026-42365 2026-05-7 11:31 2026-05-4 Show GitHub Exploit DB Packet Storm
3526 6.1 警告
Network 		GeoVision GV-LPC2211 Firmware
GV-LPC2011 Firmware 		GeoVisionのGV-LPC2011 Firmware等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42366 2026-05-7 11:31 2026-05-4 Show GitHub Exploit DB Packet Storm
3527 6.5 警告
Network 		GeoVision GV-LPC2211 Firmware
GV-LPC2011 Firmware 		GeoVisionのGV-LPC2011 Firmware等の複数製品における認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-42367 2026-05-7 11:31 2026-05-4 Show GitHub Exploit DB Packet Storm
3528 9.9 緊急
Network 		GeoVision GV-LPC2211 Firmware
GV-LPC2011 Firmware 		GeoVisionのGV-LPC2011 Firmware等の複数製品における不適切な権限設定に関する脆弱性 CWE-266
不適切な権限設定 		CVE-2026-42368 2026-05-7 11:31 2026-05-4 Show GitHub Exploit DB Packet Storm
3529 9.8 緊急
Network 		GeoVision GV-VMS Firmware GeoVisionのGV-VMS Firmwareにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-42370 2026-05-7 11:31 2026-05-4 Show GitHub Exploit DB Packet Storm
3530 9.8 緊急
Network 		Bitwarden Bitwarden Command-line Interface BitwardenのBitwarden Command-line Interfaceにおける複数の脆弱性 CWE-78
CWE-94
CVE-2026-42994 2026-05-7 11:31 2026-05-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313311 - - - A SQL Injection vulnerability in ESAFENET CDG 5 and earlier allows an attacker to execute arbitrary code via the id parameter of the dataSearch.jsp page. - CVE-2024-48343 2024-10-30 04:35 2024-10-26 Show GitHub Exploit DB Packet Storm
313312 - - - Cross Site Scripting vulnerability in Sentry v.6.0.9 allows a remote attacker to execute arbitrary code via the z parameter. - CVE-2024-48743 2024-10-30 04:35 2024-10-26 Show GitHub Exploit DB Packet Storm
313313 - - - BTS is affected by information disclosure vulnerability where mobile network operator personnel connected over BTS Web Element Manager, regardless of the access privileges, having a possibility to re… - CVE-2023-25189 2024-10-30 04:35 2024-09-26 Show GitHub Exploit DB Packet Storm
313314 - - - An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a deni… - CVE-2023-20513 2024-10-30 04:35 2024-08-14 Show GitHub Exploit DB Packet Storm
313315 - - - A vulnerability has been found in Telestream Sentry 6.0.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /?page=reports of the component Reports… CWE-79
Cross-site Scripting 		CVE-2024-10276 2024-10-30 03:15 2024-10-23 Show GitHub Exploit DB Packet Storm
313316 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: afs: Fix the setting of the server responding flag In afs_wait_for_operation(), we set transcribe the call responded flag to the … NVD-CWE-noinfo
CVE-2024-49999 2024-10-30 03:03 2024-10-22 Show GitHub Exploit DB Packet Storm
313317 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net: gso: fix tcp fraglist segmentation after pull from frag_list Detect tcp gso fraglist skbs with corrupted geometry (see below… CWE-476
 NULL Pointer Dereference 		CVE-2024-49979 2024-10-30 03:02 2024-10-22 Show GitHub Exploit DB Packet Storm
313318 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: gso: fix udp gso fraglist segmentation after pull from frag_list Detect gso fraglist skbs with corrupted geometry (see below) and… CWE-476
 NULL Pointer Dereference 		CVE-2024-49978 2024-10-30 03:01 2024-10-22 Show GitHub Exploit DB Packet Storm
313319 5.8 MEDIUM
Network 		cisco firepower_threat_defense_software
adaptive_security_appliance_software 		A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote a… CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2024-20481 2024-10-30 02:47 2024-10-24 Show GitHub Exploit DB Packet Storm
313320 9.6 CRITICAL
Network 		apple ipados
iphone_os 		A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox. NVD-CWE-noinfo
CVE-2024-40867 2024-10-30 02:41 2024-10-29 Show GitHub Exploit DB Packet Storm