Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4131 7.5 重要
Network 		Netty Netty Nettyにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-42587 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
4132 9.8 緊急
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-42589 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
4133 8.2 重要
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおける不完全なブラックリストに関する脆弱性 CWE-184
不完全なブラックリスト 		CVE-2026-42590 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
4134 8.2 重要
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-42591 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
4135 5.3 警告
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおける複数の脆弱性 CWE-367
CWE-918
CVE-2026-42592 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
4136 5.3 警告
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおける複数の脆弱性 CWE-22
CWE-73
CVE-2026-42593 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
4137 7.5 重要
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおける競合状態に関する脆弱性 CWE-362
競合状態 		CVE-2026-42594 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
4138 8.6 重要
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-42595 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
4139 9.4 緊急
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-42596 2026-05-20 13:29 2026-05-14 Show GitHub Exploit DB Packet Storm
4140 5.9 警告
Network 		TheCodingMachine Gotenberg TheCodingMachineのGotenbergにおける複数の脆弱性 CWE-73
CWE-918
CVE-2026-42597 2026-05-20 13:28 2026-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312421 - pilotgroup elms_pro Cross-site scripting (XSS) vulnerability in error.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of t… CWE-79
Cross-site Scripting 		CVE-2010-2355 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
312422 - pilotgroup elms_pro SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to execute arbitrary SQL commands via the course_id parameter. CWE-89
SQL Injection 		CVE-2010-2354 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
312423 - yves_chedemois cck The Node Reference module in Content Construction Kit (CCK) module 6.x before 6.x-2.7 for Drupal does not perform access checks for the source field in the backend URL for the autocomplete widget, wh… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-2353 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
312424 - karen_stevenson
yves_chedemois 		cck The Node Reference module in Content Construction Kit (CCK) module 5.x before 5.x-1.11 and 6.x before 6.x-2.7 for Drupal does not perform access checks before displaying referenced nodes, which allow… CWE-20
 Improper Input Validation  		CVE-2010-2352 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
312425 - novell netware Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2351 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
312426 - daniel_mealha_cabrita ziproxy Heap-based buffer overflow in the PNG decoder in Ziproxy 3.1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNG file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2350 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
312427 - timhillone h264webcam H264WebCam 3.7 allows remote attackers to cause a denial of service (crash) via a long URI in a GET request, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from … CWE-399
 Resource Management Errors 		CVE-2010-2349 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
312428 - freesoftwaretoolbox batch_audio_converter Stack-based buffer overflow in Batch Audio Converter Lite Edition 1.0.0.0 and earlier allows remote attackers to execute arbitrary code via a long line in a .WAV file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2348 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
312429 - sap j2ee_engine_core
server_core 		The Telnet interface in the SAP J2EE Engine Core (SAP-JEECOR) 6.40 through 7.02, and Server Core (SERVERCORE) 7.10 through 7.30 allows remote authenticated users to bypass a security check and conduc… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-2347 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
312430 - odcms odcms Cross-site request forgery (CSRF) vulnerability in odCMS 1.06, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative… CWE-352
 Origin Validation Error 		CVE-2010-2345 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm