Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3771 4.3 警告
Network 		Onyx Onyx Onyxにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-42276 2026-05-14 10:18 2026-05-8 Show GitHub Exploit DB Packet Storm
3772 6.5 警告
Network 		Onyx Onyx Onyxにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-42277 2026-05-14 10:18 2026-05-8 Show GitHub Exploit DB Packet Storm
3773 5.5 警告
Local 		Python Software Foundation Python Pillow Python Software FoundationのPython Pillowにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-42308 2026-05-14 10:18 2026-05-9 Show GitHub Exploit DB Packet Storm
3774 5.5 警告
Local 		Python Software Foundation Python Pillow Python Software FoundationのPython Pillowにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-42309 2026-05-14 10:18 2026-05-9 Show GitHub Exploit DB Packet Storm
3775 5.5 警告
Local 		Python Software Foundation Python Pillow Python Software FoundationのPython Pillowにおける無限ループに関する脆弱性 CWE-835
無限ループ 		CVE-2026-42310 2026-05-14 10:18 2026-05-9 Show GitHub Exploit DB Packet Storm
3776 8.1 重要
Network 		Grav CMS grav Grav CMSのgravにおける複数の脆弱性 CWE-269
CWE-285
CWE-639
CWE-837
CVE-2026-42609 2026-05-14 10:18 2026-05-11 Show GitHub Exploit DB Packet Storm
3777 6.5 警告
Network 		Grav CMS grav Grav CMSのgravにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-42610 2026-05-14 10:18 2026-05-11 Show GitHub Exploit DB Packet Storm
3778 8.9 重要
Network 		Grav CMS grav Grav CMSのgravにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42611 2026-05-14 10:18 2026-05-11 Show GitHub Exploit DB Packet Storm
3779 5.4 警告
Network 		Grav CMS grav Grav CMSのgravにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42612 2026-05-14 10:18 2026-05-11 Show GitHub Exploit DB Packet Storm
3780 4.8 警告
Network 		Grav CMS grav Grav CMSのgravにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42841 2026-05-14 10:18 2026-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
346471 - sgi performance_co-pilot The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR). NVD-CWE-Other
CVE-2001-0823 2017-10-10 10:29 2001-12-6 Show GitHub Exploit DB Packet Storm
346472 - caucho_technology resin A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error messa… NVD-CWE-Other
CVE-2001-0828 2017-10-10 10:29 2001-12-6 Show GitHub Exploit DB Packet Storm
346473 - htdig
conectiva
debian
suse 		htdig
linux
debian_linux
suse_linux 		htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of servic… NVD-CWE-Other
CVE-2001-0834 2017-10-10 10:29 2001-12-6 Show GitHub Exploit DB Packet Storm
346474 - oracle application_server_web_cache Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. NVD-CWE-Other
CVE-2001-0836 2017-10-10 10:29 2001-12-6 Show GitHub Exploit DB Packet Storm
346475 - deltathree pc-to-phone DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, an… NVD-CWE-Other
CVE-2001-0837 2017-10-10 10:29 2001-12-6 Show GitHub Exploit DB Packet Storm
346476 - squid squid_web_proxy Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request. NVD-CWE-Other
CVE-2001-0843 2017-10-10 10:29 2001-12-6 Show GitHub Exploit DB Packet Storm
346477 - lotus domino Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf). NVD-CWE-Other
CVE-2001-0846 2017-10-10 10:29 2001-12-6 Show GitHub Exploit DB Packet Storm
346478 - caldera openlinux A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a … NVD-CWE-Other
CVE-2001-0850 2017-10-10 10:29 2001-12-6 Show GitHub Exploit DB Packet Storm
346479 - caldera
linux
suse 		openlinux_server
openlinux_workstation
openlinux
openlinux_edesktop
openlinux_eserver
linux_kernel
suse_linux 		Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie. NVD-CWE-Other
CVE-2001-0851 2017-10-10 10:29 2001-12-6 Show GitHub Exploit DB Packet Storm
346480 - imp webmail Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message par… NVD-CWE-Other
CVE-2001-0857 2017-10-10 10:29 2001-12-6 Show GitHub Exploit DB Packet Storm