Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 12:07 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
401	8.8	重要 Network	Dolibarr ERP & CRM	dolibarr erp/crm	Dolibarr ERP & CRMのdolibarr erp/crmにおける複数の脆弱性	CWE-284 CWE-94	CVE-2026-31018	2026-04-27 11:23	2026-04-21	Show	GitHub Exploit DB Packet Storm

402	8.8	重要 Network	Dolibarr ERP & CRM	dolibarr erp/crm	Dolibarr ERP & CRMのdolibarr erp/crmにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-31019	2026-04-27 11:22	2026-04-21	Show	GitHub Exploit DB Packet Storm

403	3.5	低 Network	GitLab.org	GitLab	GitLab.orgのGitLabにおけるレンダリングされたユーザインターフェースレイヤまたはフレームの不適切な制限に関する脆弱性	CWE-1021 レンダリングされたユーザインターフェースレイヤまたはフレームの不適切な制限	CVE-2026-3254	2026-04-27 11:22	2026-04-22	Show	GitHub Exploit DB Packet Storm

404	9.9	緊急 Network	Linux Foundation	Spinnaker	Linux FoundationのSpinnakerにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-32604	2026-04-27 11:22	2026-04-20	Show	GitHub Exploit DB Packet Storm

405	9.9	緊急 Network	Linux Foundation	Spinnaker	Linux FoundationのSpinnakerにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-32613	2026-04-27 11:22	2026-04-20	Show	GitHub Exploit DB Packet Storm

406	7.8	重要 Local	Podman project	podman	Podman projectのpodmanにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-33414	2026-04-27 11:22	2026-04-14	Show	GitHub Exploit DB Packet Storm

407	6.1	警告 Network	オラクル	Oracle Identity Manager	オラクルのOracle Identity Managerにおける複数の脆弱性	CWE-284 CWE-601	CVE-2026-34283	2026-04-27 11:22	2026-04-21	Show	GitHub Exploit DB Packet Storm

408	6.1	警告 Network	オラクル	Oracle Business Process Management Suite	オラクルのOracle Business Process Management Suiteにおける複数の脆弱性	CWE-284 CWE-601	CVE-2026-34284	2026-04-27 11:22	2026-04-21	Show	GitHub Exploit DB Packet Storm

409	8.7	重要 Network	オラクル	Oracle HTTP Server	オラクルのOracle HTTP Serverにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-34291	2026-04-27 11:22	2026-04-21	Show	GitHub Exploit DB Packet Storm

410	7.2	重要 Network	オラクル	Oracle WebLogic Server	オラクルのOracle WebLogic Serverにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-34292	2026-04-27 11:22	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
349061	-	cisco	resource_manager	Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community st…	NVD-CWE-Other	CVE-1999-1042	2008-09-6 05:18	1999-12-31	Show	GitHub Exploit DB Packet Storm

349062	-	matt_wright	formhandler.cgi	Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to…	NVD-CWE-Other	CVE-1999-1051	2008-09-6 05:18	1999-11-16	Show	GitHub Exploit DB Packet Storm

349063	-	apache matt_wright	http_server matt_wright_guestbook	guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1…	NVD-CWE-Other	CVE-1999-1053	2008-09-6 05:18	1999-09-13	Show	GitHub Exploit DB Packet Storm

349064	-	digital	vms	VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command.	NVD-CWE-Other	CVE-1999-1057	2008-09-6 05:18	1990-10-25	Show	GitHub Exploit DB Packet Storm

349065	-	att	svr4	Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands.	NVD-CWE-Other	CVE-1999-1059	2008-09-6 05:18	1992-02-25	Show	GitHub Exploit DB Packet Storm

349066	-	xylogics	annex	Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.	NVD-CWE-Other	CVE-1999-1070	2008-09-6 05:18	1998-07-25	Show	GitHub Exploit DB Packet Storm

349067	-	ipswitch	ws_ftp_pro	WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.	NVD-CWE-Other	CVE-1999-1078	2008-09-6 05:18	1999-07-29	Show	GitHub Exploit DB Packet Storm

349068	-	bsd	bsd	Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing.	NVD-CWE-Other	CVE-1999-1098	2008-09-6 05:18	1995-03-3	Show	GitHub Exploit DB Packet Storm

349069	-	sgi apple bsd sun	irix a_ux bsd sunos	lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000…	NVD-CWE-Other	CVE-1999-1102	2008-09-6 05:18	1999-12-31	Show	GitHub Exploit DB Packet Storm

349070	-	digital	osf_1	dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter.	NVD-CWE-Other	CVE-1999-1103	2008-09-6 05:18	1996-04-3	Show	GitHub Exploit DB Packet Storm