Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4261	4.8	警告 Network	GFI	GFI HelpDesk	GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23753	2026-04-30 12:14	2026-04-20	Show	GitHub Exploit DB Packet Storm

4262	5.4	警告 Network	GFI	GFI HelpDesk	GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23756	2026-04-30 12:13	2026-04-20	Show	GitHub Exploit DB Packet Storm

4263	5.4	警告 Network	GFI	GFI HelpDesk	GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23757	2026-04-30 12:13	2026-04-20	Show	GitHub Exploit DB Packet Storm

4264	5.4	警告 Network	GFI	GFI HelpDesk	GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-23758	2026-04-30 12:13	2026-04-20	Show	GitHub Exploit DB Packet Storm

4265	6.5	警告 Network	Mattermost, Inc.	Focalboard	Mattermost, Inc.のFocalboardにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-25773	2026-04-30 12:13	2026-04-3	Show	GitHub Exploit DB Packet Storm

4266	4.3	警告 Network	Mattermost, Inc.	Focalboard	Mattermost, Inc.のFocalboardにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-28736	2026-04-30 12:13	2026-04-3	Show	GitHub Exploit DB Packet Storm

4267	7.8	重要 Local	DeepCool	DeepCreative	DeepCoolのDeepCreativeにおける安全でない継承されたパーミッションに関する脆弱性	CWE-277 安全でない継承されたパーミッション	CVE-2026-30266	2026-04-30 12:13	2026-04-20	Show	GitHub Exploit DB Packet Storm

4268	7.5	重要 Network	Angeet	ES3 KVM Firmware	AngeetのES3 KVM Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-32297	2026-04-30 12:13	2026-03-17	Show	GitHub Exploit DB Packet Storm

4269	9.1	緊急 Network	Angeet	ES3 KVM Firmware	AngeetのES3 KVM FirmwareにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-32298	2026-04-30 12:13	2026-03-17	Show	GitHub Exploit DB Packet Storm

4270	7.5	重要 Network	オラクル	Oracle Financial Services Customer Screening	オラクルのOracle Financial Services Customer Screeningにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-34320	2026-04-30 12:13	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
350281	-	oracle	reports	SQL injection vulnerability in Oracle Reports that use Lexical References allows remote attackers to execute arbitrary SQL commands via the values in the parameter form that appears when the paramfor…	CWE-89 SQL Injection	CVE-2005-2983	2016-10-18 12:31	2005-09-20	Show	GitHub Exploit DB Packet Storm

350282	-	symantec	norton_antivirus	Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.…	NVD-CWE-Other	CVE-2005-2766	2016-10-18 12:30	2005-09-2	Show	GitHub Exploit DB Packet Storm

350283	-	mybulletinboard	mybulletinboard	SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL statements via the fid parameter.	NVD-CWE-Other	CVE-2005-2778	2016-10-18 12:30	2005-09-3	Show	GitHub Exploit DB Packet Storm

350284	-	-	-	The iTAN Online-Banking Security System allows remote attackers to obtain TAN numbers via a man-in-the-middle (MITM) attack while the transaction is taking place, which facilitates a "phishing" attac…	NVD-CWE-Other	CVE-2005-2779	2016-10-18 12:30	2005-09-3	Show	GitHub Exploit DB Packet Storm

350285	-	neocrome	land_down_under	Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) allows remote attackers to inject arbitrary web script or HTML via a signature.	NVD-CWE-Other	CVE-2005-2780	2016-10-18 12:30	2005-09-3	Show	GitHub Exploit DB Packet Storm

350286	-	cosmoshop	cosmoshop	Directory traversal vulnerability in bestmail_edit.cgi in cosmoshop 8.10.78 and earlier allows remote administrators to read arbitrary files via ".." sequences in the file parameter.	NVD-CWE-Other	CVE-2005-2786	2016-10-18 12:30	2005-09-3	Show	GitHub Exploit DB Packet Storm

350287	-	urban	urban	Multiple stack-based buffer overflows in urban before 1.5.3 allow local users to gain privileges via a long HOME environment variable to (1) config.cc, (2) game.cc, (3) highscor.cc, or (4) meny.cc.	NVD-CWE-Other	CVE-2005-2810	2016-10-18 12:30	2005-09-8	Show	GitHub Exploit DB Packet Storm

350288	-	-	-	Cross-site scripting (XSS) vulnerability in Greymatter allows remote attackers to inject arbitrary web script or HTML via a post comment, which is recorded in a log file but not properly handled when…	NVD-CWE-Other	CVE-2005-2816	2016-10-18 12:30	2005-09-8	Show	GitHub Exploit DB Packet Storm

350289	-	barracuda_networks	barracuda_spam_firewall	img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.	NVD-CWE-Other	CVE-2005-2847	2016-10-18 12:30	2005-09-8	Show	GitHub Exploit DB Packet Storm

350290	-	barracuda_networks	barracuda_spam_firewall	Argument injection vulnerability in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to (1) read portions of source code via the -f option to Dig (dig_device.cgi), (…	NVD-CWE-Other	CVE-2005-2849	2016-10-18 12:30	2005-09-8	Show	GitHub Exploit DB Packet Storm