Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
591	9.8	緊急 Network	FreeScout	FreeScout	FreeScoutにおける複数の脆弱性	CWE-200 CWE-284 CWE-770	CVE-2026-40498	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

592	6.1	警告 Network	FreeScout	FreeScout	FreeScoutにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-40565	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

593	7.1	重要 Network	OpenProject	OpenProject	OpenProjectにおける複数の脆弱性	CWE-367 CWE-639	CVE-2026-40896	2026-04-24 11:41	2026-04-20	Show	GitHub Exploit DB Packet Storm

594	7.1	重要 Network	WWBN	AVideo	WWBNのAVideoにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2026-40926	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

595	9.9	緊急 Network	flowiseai	flowise	flowiseaiのflowiseにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-40933	2026-04-24 11:41	2026-04-21	Show	GitHub Exploit DB Packet Storm

596	9.8	緊急 Network	protobufjs project	protobufjs	protobufjs projectのprotobufjsにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41242	2026-04-24 11:41	2026-04-18	Show	GitHub Exploit DB Packet Storm

597	7.5	重要 Network	Junrar project	Junrar	Junrar projectのJunrarにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-41245	2026-04-24 11:41	2026-04-20	Show	GitHub Exploit DB Packet Storm

598	7.5	重要 Network	projectdiscovery	nuclei	ProjectDiscovery, Inc.のNucleiにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-41282	2026-04-24 11:41	2026-04-20	Show	GitHub Exploit DB Packet Storm

599	7.1	重要 Local	オートデスク株式会社	Autodesk Fusion	オートデスク株式会社のAutodesk Fusionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4344	2026-04-24 11:41	2026-04-14	Show	GitHub Exploit DB Packet Storm

600	7.1	重要 Local	オートデスク株式会社	Autodesk Fusion	オートデスク株式会社のAutodesk Fusionにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-4345	2026-04-24 11:41	2026-04-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348531	-	bzip	bzip2	Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the p…	NVD-CWE-Other	CVE-2002-0760	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

348532	-	bzip	bzip2	bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could …	NVD-CWE-Other	CVE-2002-0761	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

348533	-	hp	virtualvault	Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the…	NVD-CWE-Other	CVE-2002-0763	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

348534	-	phorum	phorum	Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a …	NVD-CWE-Other	CVE-2002-0764	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

348535	-	richard_gooch	simpleinit	simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with roo…	NVD-CWE-Other	CVE-2002-0767	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

348536	-	luke_mewburn suse	lukemftp suse_linux	Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.	NVD-CWE-Other	CVE-2002-0768	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

348537	-	cisco	ata-186	The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the att…	NVD-CWE-Other	CVE-2002-0769	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

348538	-	id_software	quake_2i_server	Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand …	NVD-CWE-Other	CVE-2002-0770	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

348539	-	hosting_controller	hosting_controller	Directory traversal vulnerability in dsnmanager.asp for Hosting Controller allows remote attackers to read arbitrary files and directories via a .. (dot dot) in the RootName parameter.	NVD-CWE-Other	CVE-2002-0772	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm

348540	-	hosting_controller	hosting_controller	imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) …	NVD-CWE-Other	CVE-2002-0773	2008-09-6 05:28	2002-08-12	Show	GitHub Exploit DB Packet Storm