Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3781	7.5	重要 Network	オラクル	Oracle GraalVM for JDK Oracle GraalVM JRE JDK	オラクルのOracle GraalVM等の複数製品におけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-34282	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

3782	2.4	低 Network	オラクル	Oracle Database	オラクルのOracle Databaseにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-34312	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

3783	5.3	警告 Network	Electron	electron	Electronのelectronにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-34776	2026-04-28 10:13	2026-04-4	Show	GitHub Exploit DB Packet Storm

3784	5.4	警告 Network	オラクル	Oracle Fusion Middleware	オラクルのOracle Fusion Middlewareにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35232	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

3785	6.4	警告 Network	オラクル	Oracle Fusion Middleware	オラクルのOracle Fusion Middlewareにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35252	2026-04-28 10:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

3786	7.3	重要 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-35338	2026-04-28 10:13	2026-04-22	Show	GitHub Exploit DB Packet Storm

3787	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるUnicode エンコーディングの処理に関する脆弱性	CWE-176 Unicode エンコーディングの不適切な処理	CVE-2026-35346	2026-04-28 10:12	2026-04-22	Show	GitHub Exploit DB Packet Storm

3788	4.4	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-35347	2026-04-28 10:12	2026-04-22	Show	GitHub Exploit DB Packet Storm

3789	7.7	重要 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるリンク解釈に関する脆弱性	CWE-59 リンク解釈の問題	CVE-2026-35349	2026-04-28 10:12	2026-04-22	Show	GitHub Exploit DB Packet Storm

3790	4.2	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおけるパーミッションの不適切な保持に関する脆弱性	CWE-281 パーミッションの不適切な保持	CVE-2026-35351	2026-04-28 10:12	2026-04-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
353451	-	phorum	phorum	Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a …	NVD-CWE-Other	CVE-2002-0764	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

353452	-	richard_gooch	simpleinit	simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with roo…	NVD-CWE-Other	CVE-2002-0767	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

353453	-	luke_mewburn suse	lukemftp suse_linux	Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.	NVD-CWE-Other	CVE-2002-0768	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

353454	-	cisco	ata-186	The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the att…	NVD-CWE-Other	CVE-2002-0769	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

353455	-	id_software	quake_2i_server	Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand …	NVD-CWE-Other	CVE-2002-0770	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

353456	-	hosting_controller	hosting_controller	Directory traversal vulnerability in dsnmanager.asp for Hosting Controller allows remote attackers to read arbitrary files and directories via a .. (dot dot) in the RootName parameter.	NVD-CWE-Other	CVE-2002-0772	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

353457	-	hosting_controller	hosting_controller	imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) …	NVD-CWE-Other	CVE-2002-0773	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

353458	-	hosting_controller	hosting_controller	Hosting Controller creates a default user AdvWebadmin with a default password, which could allow remote attackers to gain privileges if the password is not changed.	NVD-CWE-Other	CVE-2002-0774	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

353459	-	hosting_controller	hosting_controller	browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter.	NVD-CWE-Other	CVE-2002-0775	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

353460	-	hosting_controller	hosting_controller	getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser"…	NVD-CWE-Other	CVE-2002-0776	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm