Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3601 9.1 緊急
Network 		HCL Technologies Limited DFX Analytics HCL Technologies LimitedのDFX Analyticsにおける重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2025-59852 2026-05-11 11:03 2026-05-6 Show GitHub Exploit DB Packet Storm
3602 5.3 警告
Network 		HCL Technologies Limited DFX Analytics HCL Technologies LimitedのDFX Analyticsにおけるエラーメッセージによる情報漏えいに関する脆弱性 CWE-209
エラーメッセージによる情報漏えい 		CVE-2025-59853 2026-05-11 11:03 2026-05-6 Show GitHub Exploit DB Packet Storm
3603 6.1 警告
Network 		HCL Technologies Limited DFX Analytics HCL Technologies LimitedのDFX Analyticsにおける複数の脆弱性 CWE-79
CWE-80
CVE-2025-59854 2026-05-11 11:03 2026-05-6 Show GitHub Exploit DB Packet Storm
3604 9.4 緊急
Network 		Deutsche Telekom AG Telekom Account Management Portal Deutsche Telekom AGのTelekom Account Management Portalにおけるパスワード管理機能に関する脆弱性 CWE-640
パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み 		CVE-2025-69614 2026-05-11 11:03 2026-03-10 Show GitHub Exploit DB Packet Storm
3605 9.1 緊急
Network 		Deutsche Telekom AG Telekom Account Management Portal Deutsche Telekom AGのTelekom Account Management Portalにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2025-69615 2026-05-11 11:03 2026-03-10 Show GitHub Exploit DB Packet Storm
3606 6.1 警告
Network 		generatedata generatedata generatedataにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-70025 2026-05-11 11:02 2026-03-10 Show GitHub Exploit DB Packet Storm
3607 7.5 重要
Network 		pdfmake project pdfmake pdfmakeにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-26801 2026-05-11 11:02 2026-03-10 Show GitHub Exploit DB Packet Storm
3608 7.8 重要
Local 		Luis Novo (lfnovo) Open Notebook Luis Novo (lfnovo)のOpen Notebookにおける複数の脆弱性 CWE-20
CWE-352
CWE-917
CWE-noinfo
CVE-2026-28201 2026-05-11 11:02 2026-05-7 Show GitHub Exploit DB Packet Storm
3609 9.8 緊急
Network 		Xiaomi MIUI File Explorer XiaomiのMIUI File Explorerにおける複数の脆弱性 CWE-303
CWE-862
CVE-2026-29515 2026-05-11 11:02 2026-03-11 Show GitHub Exploit DB Packet Storm
3610 6.1 警告
Network 		WorkflowFirst Software LLC Staff.Wiki WorkflowFirst Software LLCのStaff.Wikiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-29969 2026-05-11 11:02 2026-03-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
350591 - mplayer
gentoo
mandrakesoft 		mplayer
linux
mandrake_linux 		Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header. NVD-CWE-Other
CVE-2004-0386 2017-07-11 10:30 2004-05-4 Show GitHub Exploit DB Packet Storm
350592 - realnetworks realone_player
realplayer 		Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a … NVD-CWE-Other
CVE-2004-0387 2017-07-11 10:30 2004-06-1 Show GitHub Exploit DB Packet Storm
350593 - sco openserver SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other … NVD-CWE-Other
CVE-2004-0390 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
350594 - cisco wireless_lan_solution_engine
hosting_solution_engine 		Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, m… NVD-CWE-Other
CVE-2004-0391 2017-07-11 10:30 2004-06-1 Show GitHub Exploit DB Packet Storm
350595 - kame racoon racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) … NVD-CWE-Other
CVE-2004-0392 2017-07-11 10:30 2004-06-14 Show GitHub Exploit DB Packet Storm
350596 - rlpr rlpr Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, whic… NVD-CWE-Other
CVE-2004-0393 2017-07-11 10:30 2004-12-6 Show GitHub Exploit DB Packet Storm
350597 - linux linux_kernel A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic. NVD-CWE-Other
CVE-2004-0394 2017-07-11 10:30 2004-08-18 Show GitHub Exploit DB Packet Storm
350598 - gatos gatos The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharact… NVD-CWE-Other
CVE-2004-0395 2017-07-11 10:30 2004-12-6 Show GitHub Exploit DB Packet Storm
350599 - subversion subversion Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev sv… NVD-CWE-Other
CVE-2004-0397 2017-07-11 10:30 2004-07-7 Show GitHub Exploit DB Packet Storm
350600 - university_of_cambridge exim Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code … NVD-CWE-Other
CVE-2004-0399 2017-07-11 10:30 2004-07-7 Show GitHub Exploit DB Packet Storm