Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
601 9.1 緊急
Network 		p2r3 bareiron p2r3のbareironにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2025-69808 2026-04-30 12:11 2026-03-16 Show GitHub Exploit DB Packet Storm
602 9.8 緊急
Network 		p2r3 bareiron p2r3のbareironにおける任意の場所に任意の値を書き込み可能な状態に関する脆弱性 CWE-123
任意の場所に任意の値を書き込み可能な状態 		CVE-2025-69809 2026-04-30 12:11 2026-03-16 Show GitHub Exploit DB Packet Storm
603 7.5 重要
Network 		NLTK NLTK NLTKにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-0847 2026-04-30 12:11 2026-03-4 Show GitHub Exploit DB Packet Storm
604 9.8 緊急
Network 		lollms lollms lollmsにおけるアクセス制御に関する脆弱性 CWE-284
CWE-Other
CVE-2026-1114 2026-04-30 12:11 2026-04-7 Show GitHub Exploit DB Packet Storm
605 4.3 警告
Network 		IBM IBM Guardium Data Protection IBMのIBM Guardium Data Protectionにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-1272 2026-04-30 12:11 2026-04-23 Show GitHub Exploit DB Packet Storm
606 4.9 警告
Network 		IBM IBM Guardium Data Protection IBMのIBM Guardium Data Protectionにおけるビジネスロジックエラーに関する脆弱性 CWE-840
ビジネスロジックエラー 		CVE-2026-1274 2026-04-30 12:11 2026-04-23 Show GitHub Exploit DB Packet Storm
607 6.5 警告
Network 		IBM IBM DB2 IBMのIBM DB2における入力で指定された数量の不適切な検証に関する脆弱性 CWE-1284
入力で指定された数量の不適切な検証 		CVE-2026-1352 2026-04-30 12:11 2026-04-23 Show GitHub Exploit DB Packet Storm
608 9.8 緊急
Network 		エリクソン CodeChecker エリクソンのCodeCheckerにおける複数の脆弱性 CWE-290
CWE-863
CVE-2026-25660 2026-04-30 12:11 2026-04-24 Show GitHub Exploit DB Packet Storm
609 7.8 重要
Local 		マイクロソフト PowerShell Microsoft PowerShell セキュリティ機能のバイパスの脆弱性 CWE-20
不適切な入力確認 		CVE-2026-26143 2026-04-30 12:11 2026-04-14 Show GitHub Exploit DB Packet Storm
610 9.8 緊急
Network 		デル PowerProtect DP Series Appliance
data domain operating system 		デルのdata domain operating system等の複数製品における複数の脆弱性 CWE-121
CWE-787
CVE-2026-26354 2026-04-30 12:11 2026-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313321 7.5 HIGH
Network 		microsoft sql_server Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password. CWE-326
Inadequate Encryption Strength 		CVE-2002-1872 2024-02-15 00:50 2002-12-31 Show GitHub Exploit DB Packet Storm
313322 7.5 HIGH
Network 		click-2 ingenium_learning_management_system Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak encryption for passwords (reversible algorithm), which allows attackers to obtain passwords. CWE-326
Inadequate Encryption Strength 		CVE-2002-1910 2024-02-15 00:50 2002-12-31 Show GitHub Exploit DB Packet Storm
313323 5.5 MEDIUM
Local 		tata integrated_dialer Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password" option is used, stores the password with a weak encryption scheme (one-to-one mapping) in a registry k… CWE-326
Inadequate Encryption Strength 		CVE-2002-1946 2024-02-15 00:50 2002-12-31 Show GitHub Exploit DB Packet Storm
313324 5.5 MEDIUM
Local 		sharp zaurus_sl-5000d_firmware
zaurus_sl-5500_firmware 		Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via b… CWE-326
Inadequate Encryption Strength 		CVE-2002-1975 2024-02-15 00:50 2002-12-31 Show GitHub Exploit DB Packet Storm
313325 - blender
debian 		blender
debian_linux 		Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call. CWE-94
Code Injection 		CVE-2005-3302 2024-02-15 00:47 2005-10-24 Show GitHub Exploit DB Packet Storm
313326 - gggeek
debian 		phpxmlrpc
debian_linux 		Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote… CWE-94
Code Injection 		CVE-2005-2498 2024-02-15 00:47 2005-08-15 Show GitHub Exploit DB Packet Storm
313327 7.5 HIGH
Network 		juvare webeoc WebEOC before 6.0.2 uses a weak encryption scheme for passwords, which makes it easier for attackers to crack passwords. CWE-326
Inadequate Encryption Strength 		CVE-2005-2281 2024-02-15 00:47 2005-07-18 Show GitHub Exploit DB Packet Storm
313328 - php
gggeek
drupal
tiki
debian 		xml_rpc
phpxmlrpc
drupal
tikiwiki_cms\/groupware
debian_linux 		Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2… CWE-94
Code Injection 		CVE-2005-1921 2024-02-15 00:41 2005-07-5 Show GitHub Exploit DB Packet Storm
313329 - nrl.navy one-time_passwords_in_everything One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and st… CWE-203
 Information Exposure Through Discrepancy 		CVE-2001-1483 2024-02-15 00:17 2001-12-31 Show GitHub Exploit DB Packet Storm
313330 - amtote homebet AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid accoun… CWE-203
 Information Exposure Through Discrepancy 		CVE-2001-1528 2024-02-15 00:17 2001-12-31 Show GitHub Exploit DB Packet Storm