Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5211 7.5 重要
Network 		libexpat project libexpat libexpat projectのlibexpatにおけるアルゴリズムの複雑さに関する脆弱性 CWE-407
アルゴリズムの複雑性 		CVE-2026-45186 2026-05-18 12:10 2026-05-10 Show GitHub Exploit DB Packet Storm
5212 9.8 緊急
Network 		vm2 project vm2 vm2 projectのvm2における誤った領域へのリソースの漏えいに関する脆弱性 CWE-668
誤った領域へのリソースの漏えい 		CVE-2026-45411 2026-05-18 12:10 2026-05-13 Show GitHub Exploit DB Packet Storm
5213 5.9 警告
Network 		Haxx cURL HaxxのcURLにおける複数の脆弱性 CWE-295
CWE-319
CVE-2026-4873 2026-05-18 12:10 2026-05-13 Show GitHub Exploit DB Packet Storm
5214 5.9 警告
Network 		Haxx cURL HaxxのcURLにおける認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-6253 2026-05-18 12:10 2026-05-13 Show GitHub Exploit DB Packet Storm
5215 7.5 重要
Network 		Haxx cURL HaxxのcURLにおける重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2026-6276 2026-05-18 12:10 2026-05-13 Show GitHub Exploit DB Packet Storm
5216 5.3 警告
Network 		Haxx cURL HaxxのcURLにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-6429 2026-05-18 12:10 2026-05-13 Show GitHub Exploit DB Packet Storm
5217 7.5 重要
Network 		PgBouncer PgBouncer PgBouncerにおける整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-6664 2026-05-18 12:10 2026-05-9 Show GitHub Exploit DB Packet Storm
5218 9.8 緊急
Network 		PgBouncer PgBouncer PgBouncerにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-6665 2026-05-18 12:10 2026-05-9 Show GitHub Exploit DB Packet Storm
5219 7.5 重要
Network 		PgBouncer PgBouncer PgBouncerにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-6666 2026-05-18 12:09 2026-05-9 Show GitHub Exploit DB Packet Storm
5220 4.3 警告
Network 		PgBouncer PgBouncer PgBouncerにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-6667 2026-05-18 12:09 2026-05-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313521 3.3 LOW
Local 		hp
redhat
fedoraproject 		hp-ux_directory_server
redhat_directory_server
389_directory_server
directory_server 		389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw… CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2010-3282 2024-11-21 10:18 2020-01-10 Show GitHub Exploit DB Packet Storm
313522 5.5 MEDIUM
Local 		babiloo_project
debian 		babiloo
debian_linux 		babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary files, allowing a local attacker to overwrite arbitrary files. CWE-494
 Download of Code Without Integrity Check 		CVE-2010-3440 2024-11-21 10:18 2019-11-13 Show GitHub Exploit DB Packet Storm
313523 8.8 HIGH
Network 		pixelpost pixelpost Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote attackers to change the admin password. CWE-352
 Origin Validation Error 		CVE-2010-3305 2024-11-21 10:18 2019-11-13 Show GitHub Exploit DB Packet Storm
313524 6.5 MEDIUM
Network 		rubyonrails
debian 		rails
debian_linux 		The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks. CWE-311
Missing Encryption of Sensitive Data 		CVE-2010-3299 2024-11-21 10:18 2019-11-13 Show GitHub Exploit DB Packet Storm
313525 5.5 MEDIUM
Local 		mailscanner mailscanner The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption (e.g., https) or digital signature checking which could allow an attacker to… CWE-311
Missing Encryption of Sensitive Data 		CVE-2010-3292 2024-11-21 10:18 2019-11-13 Show GitHub Exploit DB Packet Storm
313526 4.7 MEDIUM
Local 		mailscanner mailscanner mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. NOTE: this issue exists because of an incomplete fix for CVE-2008-… CWE-59
Link Following 		CVE-2010-3095 2024-11-21 10:18 2019-11-13 Show GitHub Exploit DB Packet Storm
313527 6.5 MEDIUM
Network 		cor-entertainment
debian
fedoraproject 		alien-arena
debian_linux
fedora 		It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command. CWE-20
 Improper Input Validation  		CVE-2010-3439 2024-11-21 10:18 2019-11-13 Show GitHub Exploit DB Packet Storm
313528 9.8 CRITICAL
Network 		libpoe-component-irc-perl_project
debian
fedoraproject 		libpoe-component-irc-perl
debian_linux
fedora 		libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'pri… CWE-134
Use of Externally-Controlled Format String 		CVE-2010-3438 2024-11-21 10:18 2019-11-13 Show GitHub Exploit DB Packet Storm
313529 4.8 MEDIUM
Local 		gargoyle_project
debian 		gargoyle
debian_linux 		If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a dire… CWE-20
 Improper Input Validation  		CVE-2010-3359 2024-11-21 10:18 2019-11-13 Show GitHub Exploit DB Packet Storm
313530 9.8 CRITICAL
Network 		qtparted_project qtparted qtparted has insecure library loading which may allow arbitrary code execution CWE-20
 Improper Input Validation  		CVE-2010-3375 2024-11-21 10:18 2019-10-30 Show GitHub Exploit DB Packet Storm