Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4271	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2026-31458	2026-05-7 10:52	2026-04-22	Show	GitHub Exploit DB Packet Storm

4272	7.5	重要 Network	マイクロソフト	Microsoft Dynamics 365	Microsoft Dynamics 365 (online) Spoofing Vulnerability	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-32210	2026-05-7 10:52	2026-04-23	Show	GitHub Exploit DB Packet Storm

4273	9.8	緊急 Network	GNU Project	inetutils	GNU Projectのinetutilsにおける古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2026-32746	2026-05-7 10:52	2026-03-13	Show	GitHub Exploit DB Packet Storm

4274	4.7	警告 Network	GNU Project	inetutils	GNU Projectのinetutilsにおける領域間での誤ったリソース移動に関する脆弱性	CWE-669 領域間での誤ったリソース移動	CVE-2026-32772	2026-05-7 10:52	2026-03-16	Show	GitHub Exploit DB Packet Storm

4275	9.8	緊急 Network	マイクロソフト	Bing	Microsoft Bing のリモートでコードが実行される脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-33819	2026-05-7 10:52	2026-04-23	Show	GitHub Exploit DB Packet Storm

4276	5	警告 Local	オラクル	MySQL	オラクルのMySQLにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性	CWE-404 リソースの不適切なシャットダウンおよびリリース	CVE-2026-34317	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

4277	5.8	警告 Network	オラクル	MySQL	オラクルのMySQLにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2026-34318	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

4278	5	警告 Local	オラクル	MySQL	オラクルのMySQLにおけるリクエストに対するレスポンス内容の違いに起因する情報漏えいに関する脆弱性	CWE-204 リクエストに対するレスポンス内容の違いに起因する情報漏えい	CVE-2026-34319	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

4279	7.5	重要 Network	オラクル	Java VM	オラクルのJava VMにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35229	2026-05-7 10:51	2026-04-21	Show	GitHub Exploit DB Packet Storm

4280	4.4	警告 Local	オラクル	Oracle Linux	オラクルのOracle Linuxにおける境界外読み取りに関する脆弱性	CWE-125 境界外読み取り	CVE-2026-35233	2026-05-7 10:51	2026-05-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
314171	-		-	-	SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to job…	-	CVE-2024-48936	2024-10-31 06:35	2024-10-28	Show	GitHub Exploit DB Packet Storm

314172	-		-	-	ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is used for a URL such as http://autoconfig.e…	-	CVE-2024-50624	2024-10-31 06:35	2024-10-28	Show	GitHub Exploit DB Packet Storm

314173	8.8	HIGH Network	google	chrome	Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security seve…	NVD-CWE-noinfo	CVE-2024-7974	2024-10-31 06:35	2024-08-22	Show	GitHub Exploit DB Packet Storm

314174	6.5	MEDIUM Network	mozilla	firefox firefox_esr	Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header pr…	NVD-CWE-noinfo	CVE-2024-7531	2024-10-31 06:35	2024-08-6	Show	GitHub Exploit DB Packet Storm

314175	8.8	HIGH Network	zimbra	collaboration	An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and 8.8.15 before Patch 46. It allows authenticated users to exploit Server-Si…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-45518	2024-10-31 06:23	2024-10-23	Show	GitHub Exploit DB Packet Storm

314176	7.8	HIGH Local	ysoft	safeq	A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX service running on port 9696 is vulnerable to JMX MLet attacks. Because the service did not enforce authent…	CWE-306 Missing Authentication for Critical Function	CVE-2022-23862	2024-10-31 06:21	2024-10-23	Show	GitHub Exploit DB Packet Storm

314177	9.8	CRITICAL Network	riskengine	radar	A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue affects some unknown processing of the component Interface Handler. The manipulation with the input /../…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-10121	2024-10-31 06:21	2024-10-19	Show	GitHub Exploit DB Packet Storm

314178	7.8	HIGH Local	helakuru	helakuru	An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the lack of proper validation of the wow64log.dll file.	CWE-427 Uncontrolled Search Path Element	CVE-2024-48605	2024-10-31 06:19	2024-10-23	Show	GitHub Exploit DB Packet Storm

314179	4.9	MEDIUM Network	i13websolution	photo_gallery_slideshow_\&_masonry_tiled_gallery	The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.3 due to insufficient escaping…	CWE-89 SQL Injection	CVE-2019-25218	2024-10-31 06:18	2024-10-19	Show	GitHub Exploit DB Packet Storm

314180	4.3	MEDIUM Network	nofusscomputing	centurion_erp	No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not apart of.…	NVD-CWE-noinfo	CVE-2024-49373	2024-10-31 06:16	2024-10-23	Show	GitHub Exploit DB Packet Storm