Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4321	4.9	警告 Network	IBM	IBM Guardium Data Protection	IBMのIBM Guardium Data Protectionにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-4917	2026-04-30 12:25	2026-04-23	Show	GitHub Exploit DB Packet Storm

4322	4.8	警告 Network	IBM	IBM Guardium Data Protection	IBMのIBM Guardium Data Protectionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4918	2026-04-30 12:25	2026-04-23	Show	GitHub Exploit DB Packet Storm

4323	4.8	警告 Network	IBM	IBM Guardium Data Protection	IBMのIBM Guardium Data Protectionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4919	2026-04-30 12:25	2026-04-23	Show	GitHub Exploit DB Packet Storm

4324	8.6	重要 Network	HashiCorp	Vault	HashiCorpのVaultにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-5052	2026-04-30 12:25	2026-04-17	Show	GitHub Exploit DB Packet Storm

4325	6.5	警告 Network	Rapid7	velociraptor	Rapid7のvelociraptorにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-5329	2026-04-30 12:25	2026-04-9	Show	GitHub Exploit DB Packet Storm

4326	7.5	重要 Network	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-5477	2026-04-30 12:24	2026-04-10	Show	GitHub Exploit DB Packet Storm

4327	5.9	警告 Network	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-5500	2026-04-30 12:24	2026-04-10	Show	GitHub Exploit DB Packet Storm

4328	8.1	重要 Network	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける証明書検証に関する脆弱性	CWE-295 不正な証明書検証	CVE-2026-5501	2026-04-30 12:24	2026-04-10	Show	GitHub Exploit DB Packet Storm

4329	9.1	緊急 Network	wolfSSL Inc.	wolfSSL	wolfSSL Inc.のwolfSSLにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-5503	2026-04-30 12:24	2026-04-9	Show	GitHub Exploit DB Packet Storm

4330	9	緊急 Network	craftycontrol	crafty controller	craftycontrolのcrafty controllerにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-5652	2026-04-30 12:24	2026-04-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
315011	-	microsoft	internet_explorer windows_2003_server windows_7 windows_server_2003 windows_server_2008 windows_vista windows_xp	Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and de…	CWE-94 Code Injection	CVE-2010-0492	2024-10-22 02:35	2010-04-1	Show	GitHub Exploit DB Packet Storm

315012	-	microsoft	internet_explorer	Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly ini…	CWE-94 Code Injection	CVE-2010-0248	2024-10-22 02:35	2010-01-23	Show	GitHub Exploit DB Packet Storm

315013	-	-	-	Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote c…	-	CVE-2024-37404	2024-10-22 02:10	2024-10-19	Show	GitHub Exploit DB Packet Storm

315014	-	-	-	Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector.	-	CVE-2024-29821	2024-10-22 02:10	2024-10-19	Show	GitHub Exploit DB Packet Storm

315015	-	-	-	Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector.	-	CVE-2024-29213	2024-10-22 02:10	2024-10-19	Show	GitHub Exploit DB Packet Storm

315016	-	-	-	In J2eeFAST <=2.7, the backend function has unsafe filtering, which allows an attacker to trigger certain sensitive functions resulting in arbitrary code execution.	-	CVE-2024-45944	2024-10-22 02:10	2024-10-19	Show	GitHub Exploit DB Packet Storm

315017	-	-	-	Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. A low privileged attacker with remote access could p…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2024-48016	2024-10-22 02:10	2024-10-19	Show	GitHub Exploit DB Packet Storm

315018	-	-	-	Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability. A low privileged attacker with remote access could potentially explo…	CWE-295 Improper Certificate Validation	CVE-2024-47241	2024-10-22 02:10	2024-10-19	Show	GitHub Exploit DB Packet Storm

315019	-	-	-	ACON is a widely-used library of tools for machine learning that focuses on adaptive correlation optimization. A potential vulnerability has been identified in the input validation process, which cou…	CWE-20 Improper Input Validation	CVE-2024-49361	2024-10-22 02:10	2024-10-19	Show	GitHub Exploit DB Packet Storm

315020	-	-	-	secp256k1-node is a Node.js binding for an Optimized C library for EC operations on curve secp256k1. In `elliptic`-based version, `loadUncompressedPublicKey` has a check that the public key is on the…	CWE-354 Improper Validation of Integrity Check Value	CVE-2024-48930	2024-10-22 02:09	2024-10-22	Show	GitHub Exploit DB Packet Storm