Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4351	7	重要 Local	レッドハット libssh	libssh Red Hat Hardened Images	libssh等の複数ベンダの製品における制御されていない検索パスの要素に関する脆弱性	CWE-427 制御されていない検索パスの要素	CVE-2025-14821	2026-04-30 12:17	2026-04-7	Show	GitHub Exploit DB Packet Storm

4352	10	緊急 Network	lfprojects	mlflow	lfprojectsのmlflowにおけるパストラバーサルの脆弱性	CWE-29 パストラバーサル (/../filename)	CVE-2025-15036	2026-04-30 12:17	2026-03-30	Show	GitHub Exploit DB Packet Storm

4353	9.8	緊急 Network	lfprojects	mlflow	lfprojectsのmlflowにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2025-15379	2026-04-30 12:17	2026-03-30	Show	GitHub Exploit DB Packet Storm

4354	7.1	重要 Network	lfprojects	mlflow	lfprojectsのmlflowにおける情報漏えいに関する脆弱性	CWE-200 CWE-noinfo	CVE-2025-15381	2026-04-30 12:17	2026-03-27	Show	GitHub Exploit DB Packet Storm

4355	7.5	重要 Network	Apache Software Foundation	Apache Thrift	Apache Software FoundationのApache Thriftにおけるメモリ管理ルーチンの不一致に関する脆弱性	CWE-762 メモリ管理ルーチンの不一致	CVE-2025-48431	2026-04-30 12:17	2026-04-28	Show	GitHub Exploit DB Packet Storm

4356	6.5	警告 Adjacent	ジュニパーネットワークス	Junos OS Evolved	ジュニパーネットワークスのJunos OS Evolvedにおける古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2025-59969	2026-04-30 12:17	2026-04-9	Show	GitHub Exploit DB Packet Storm

4357	7.8	重要 Local	huggingface	transformers	huggingfaceのtransformersにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-1839	2026-04-30 12:17	2026-04-7	Show	GitHub Exploit DB Packet Storm

4358	6.1	警告 Network	シスコシステムズ	Cisco Unity Connection	シスコシステムズのCisco Unity Connectionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-20059	2026-04-30 12:17	2026-04-15	Show	GitHub Exploit DB Packet Storm

4359	4.7	警告 Network	シスコシステムズ	Cisco Unity Connection	シスコシステムズのCisco Unity Connectionにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-20060	2026-04-30 12:17	2026-04-15	Show	GitHub Exploit DB Packet Storm

4360	6.5	警告 Network	シスコシステムズ	Cisco Unity Connection	シスコシステムズのCisco Unity ConnectionにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-20061	2026-04-30 12:17	2026-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348111	-	php_arena	pafiledb	pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive information via an invalid or missing action parameter, which reveals the path in an error message when it cannot include a logi…	NVD-CWE-Other	CVE-2005-0326	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

348112	-	php_arena	pafiledb	pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php.	NVD-CWE-Other	CVE-2005-0327	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

348113	-	netgear zyxel	rt311 rt314 prestige	Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest firmware, allows remote attackers on the WAN to obtain the IP address of the LAN side interface by pinging a valid LAN IP address, w…	NVD-CWE-Other	CVE-2005-0328	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

348114	-	zipgenius	zipgenius	Directory traversal vulnerability in ZipGenius 5.5 and earlier allows remote attackers to create and possibly modify arbitrary files via a ZIP file with a file whose name includes .. (dot dot) sequen…	NVD-CWE-Other	CVE-2005-0329	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

348115	-	people_can_fly	painkiller	Buffer overflow in Painkiller 1.35 and earlier, and possibly other versions before 1.61, allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a long …	NVD-CWE-Other	CVE-2005-0330	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

348116	-	rarlab	winrar	Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remote attackers to create arbitrary files via a ... (triple dot) in the filen…	NVD-CWE-Other	CVE-2005-0331	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

348117	-	ventia	desknow_mail_and_collaboration_server	Directory traversal vulnerability in DeskNow Mail and Collaboration Server 2.5.12 allows remote attackers to (1) upload and possibly execute files outside the directory via the AttachmentsKey paramet…	NVD-CWE-Other	CVE-2005-0332	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

348118	-	lanchat_pro_revival	lanchat_pro_revival	LANChat Pro Revival 1.666c allows remote attackers to cause a denial of service (application crash) via a malformed UDP packet.	NVD-CWE-Other	CVE-2005-0333	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

348119	-	linksys	psus4_printserver	Linksys PSUS4 running firmware 6032 allows remote attackers to cause a denial of service (device crash) via an HTTP POST request containing an unknown parameter without a value.	NVD-CWE-Other	CVE-2005-0334	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm

348120	-	emotion	mediapartner_web_server	Directory traversal vulnerability in EMotion MediaPartner Web Server 5.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.	NVD-CWE-Other	CVE-2005-0335	2017-07-11 10:32	2005-05-2	Show	GitHub Exploit DB Packet Storm