Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3981 6.3 警告
Local 		Flatpak XDG Desktop Portal (xdg-desktop-portal) FlatpakのXDG Desktop Portal (xdg-desktop-portal)におけるUNIX Symbolic Link のフォローに関する脆弱性 CWE-61
UNIX Symbolic Link のフォロー 		CVE-2026-40354 2026-04-30 12:13 2026-04-11 Show GitHub Exploit DB Packet Storm
3982 5.3 警告
Local 		Veeam one サムスンのOneにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40448 2026-04-30 12:13 2026-04-22 Show GitHub Exploit DB Packet Storm
3983 6.6 警告
Local 		Veeam one サムスンのOneにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40449 2026-04-30 12:13 2026-04-22 Show GitHub Exploit DB Packet Storm
3984 6.6 警告
Local 		Veeam one サムスンのOneにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-40450 2026-04-30 12:13 2026-04-22 Show GitHub Exploit DB Packet Storm
3985 8.2 重要
Network 		UltraDAG UltraDAG UltraDAGにおける複数の脆弱性 CWE-460
CWE-696
CVE-2026-40583 2026-04-30 12:13 2026-04-21 Show GitHub Exploit DB Packet Storm
3986 7.5 重要
Network 		RansomLook RansomLook RansomLookにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-40584 2026-04-30 12:13 2026-04-21 Show GitHub Exploit DB Packet Storm
3987 5.6 警告
Local 		Home Assistant Ecosystem Home Assistant Command-line Interface (hass-cli) Home Assistant EcosystemのHome Assistant Command-line Interface (hass-cli)における複数の脆弱性 CWE-1336
CWE-94
CVE-2026-40602 2026-04-30 12:13 2026-04-21 Show GitHub Exploit DB Packet Storm
3988 5.5 警告
Local 		Dayuan Jiang (DayuanJiang) Next AI Draw.io Dayuan Jiang (DayuanJiang)のNext AI Draw.ioにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40608 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
3989 8.1 重要
Network 		Zcash Foundation Zebra-consensus
Zebrad 		Zcash FoundationのZebra-consensus等の複数製品における誤った要素を使用した比較に関する脆弱性 CWE-1025
誤った要素を使用した比較 		CVE-2026-40880 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
3990 7.5 重要
Network 		Zcash Foundation zebra-network
Zebrad 		Zcash Foundationのzebra-network等の複数製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40881 2026-04-30 12:12 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
350521 - apple darwin_streaming_server
quicktime_streaming_server 		parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters. NVD-CWE-Other
CVE-2003-0050 2016-10-18 11:28 2003-03-7 Show GitHub Exploit DB Packet Storm
350522 - apple darwin_streaming_server
quicktime_streaming_server 		parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NU… NVD-CWE-Other
CVE-2003-0051 2016-10-18 11:28 2003-03-7 Show GitHub Exploit DB Packet Storm
350523 - apple darwin_streaming_server
quicktime_streaming_server 		parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories. NVD-CWE-Other
CVE-2003-0052 2016-10-18 11:28 2003-03-7 Show GitHub Exploit DB Packet Storm
350524 - apple darwin_streaming_server
quicktime_streaming_server 		Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script… NVD-CWE-Other
CVE-2003-0053 2016-10-18 11:28 2003-03-7 Show GitHub Exploit DB Packet Storm
350525 - apple darwin_streaming_server
quicktime_streaming_server 		Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to th… NVD-CWE-Other
CVE-2003-0054 2016-10-18 11:28 2003-03-7 Show GitHub Exploit DB Packet Storm
350526 - apple quicktime_darwin_mp3_broadcaster Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long … NVD-CWE-Other
CVE-2003-0055 2016-10-18 11:28 2003-03-7 Show GitHub Exploit DB Packet Storm
350527 - eset_software nod32_antivirus Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name. NVD-CWE-Other
CVE-2003-0062 2016-10-18 11:28 2003-02-19 Show GitHub Exploit DB Packet Storm
350528 - phorum phorum Cross-site scripting (XSS) vulnerability in read.php in Phorum 3.3.2a allows remote attackers to inject arbitrary web script or HTML via (1) the t parameter or (2) the body of an email response. CWE-79
Cross-site Scripting 		CVE-2002-2340 2016-10-18 11:28 2002-12-31 Show GitHub Exploit DB Packet Storm
350529 - joe_depasquale bannermatic Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain s… CWE-200
Information Exposure 		CVE-2002-2342 2016-10-18 11:28 2002-12-31 Show GitHub Exploit DB Packet Storm
350530 - hughes_technologies libhttpd Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP POST request. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2002-2400 2016-10-18 11:28 2002-12-31 Show GitHub Exploit DB Packet Storm