Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4181	9.8	緊急 Network	Steven Fackler	rust-openssl	rust-OpenSSL Projectのrust-OpenSSLにおける複数の脆弱性	CWE-126 CWE-130	CVE-2026-41898	2026-04-30 12:17	2026-04-24	Show	GitHub Exploit DB Packet Storm

4182	7	重要 Local	レッドハット libssh	libssh Red Hat Hardened Images	libssh等の複数ベンダの製品における制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2025-14821	2026-04-30 12:17	2026-04-7	Show	GitHub Exploit DB Packet Storm

4183	10	緊急 Network	lfprojects	mlflow	lfprojectsのmlflowにおけるパストラバーサルの脆弱性	CWE-29 パストラバーサル (/../filename)	CVE-2025-15036	2026-04-30 12:17	2026-03-30	Show	GitHub Exploit DB Packet Storm

4184	9.8	緊急 Network	lfprojects	mlflow	lfprojectsのmlflowにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2025-15379	2026-04-30 12:17	2026-03-30	Show	GitHub Exploit DB Packet Storm

4185	7.1	重要 Network	lfprojects	mlflow	lfprojectsのmlflowにおける情報漏えいに関する脆弱性	CWE-200 CWE-noinfo	CVE-2025-15381	2026-04-30 12:17	2026-03-27	Show	GitHub Exploit DB Packet Storm

4186	7.5	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおけるメモリ管理ルーチンの不一致に関する脆弱性	CWE-762 メモリ管理ルーチンの不一致	CVE-2025-48431	2026-04-30 12:17	2026-04-28	Show	GitHub Exploit DB Packet Storm

4187	6.5	警告 Adjacent	ジュニパーネットワークス	Junos OS Evolved	ジュニパーネットワークスのJunos OS Evolvedにおける古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2025-59969	2026-04-30 12:17	2026-04-9	Show	GitHub Exploit DB Packet Storm

4188	7.8	重要 Local	huggingface	transformers	huggingfaceのtransformersにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-1839	2026-04-30 12:17	2026-04-7	Show	GitHub Exploit DB Packet Storm

4189	6.1	警告 Network	シスコシステムズ	Cisco Unity Connection	シスコシステムズのCisco Unity Connectionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-20059	2026-04-30 12:17	2026-04-15	Show	GitHub Exploit DB Packet Storm

4190	4.7	警告 Network	シスコシステムズ	Cisco Unity Connection	シスコシステムズのCisco Unity Connectionにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-20060	2026-04-30 12:17	2026-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
352251	-	symantec	brightmail_antispam	Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers to cause a denial of service (bmserver component termination) via malformed MIME messages.	NVD-CWE-Other	CVE-2005-4695	2011-03-8 11:28	2005-12-31	Show	GitHub Exploit DB Packet Storm

352252	-	sun	solaris	Unspecified vulnerability in Process File System (procfs) in Sun Solaris 10 allows local users to obtain sensitive information such as process working directories via unknown attack vectors, possibly…	NVD-CWE-Other	CVE-2005-4701	2011-03-8 11:28	2005-12-31	Show	GitHub Exploit DB Packet Storm

352253	-	sun	solaris	Unspecified vulnerability in the "privilege management" feature of Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors that trigger a null dereference in the se…	NVD-CWE-Other	CVE-2005-4706	2011-03-8 11:28	2005-12-31	Show	GitHub Exploit DB Packet Storm

352254	-	php_gen	php_gen	Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before 1.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.	NVD-CWE-Other	CVE-2005-4707	2011-03-8 11:28	2005-12-31	Show	GitHub Exploit DB Packet Storm

352255	-	pam_mysql	pam_mysql	Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecifie…	NVD-CWE-Other	CVE-2005-4713	2011-03-8 11:28	2005-12-31	Show	GitHub Exploit DB Packet Storm

352256	-	arki-db	arki-db	SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action (view.php) to index.php.	NVD-CWE-Other	CVE-2005-3696	2011-03-8 11:27	2005-11-21	Show	GitHub Exploit DB Packet Storm

352257	-	apple	mac_os_x mac_os_x_server	Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name.	NVD-CWE-Other	CVE-2005-3702	2011-03-8 11:27	2005-12-1	Show	GitHub Exploit DB Packet Storm

352258	-	senao	si-680h_wireless_voip_phone	Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive infor…	NVD-CWE-Other	CVE-2005-3715	2011-03-8 11:27	2005-11-21	Show	GitHub Exploit DB Packet Storm

352259	-	utstarcom	f1000_voip_wifi_phone	The telnet daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has a default username "target" and password "password", which allows remote attackers to gain ful…	NVD-CWE-Other	CVE-2005-3717	2011-03-8 11:27	2005-11-21	Show	GitHub Exploit DB Packet Storm

352260	-	utstarcom	f1000_voip_wifi_phone	UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 does not allow users to disable access to (1) SNMP or (2) the rlogin port TCP 513, which allows remote attackers to exp…	NVD-CWE-Other	CVE-2005-3718	2011-03-8 11:27	2005-11-21	Show	GitHub Exploit DB Packet Storm