Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
631 6.3 警告
Network 		neutrinolabs xrdp neutrinolabsのxrdpにおけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション 		CVE-2026-33145 2026-04-28 10:13 2026-04-17 Show GitHub Exploit DB Packet Storm
632 9.1 緊急
Network 		neutrinolabs xrdp neutrinolabsのxrdpにおける境界外読み取りに関する脆弱性 New CWE-125
境界外読み取り 		CVE-2026-33516 2026-04-28 10:13 2026-04-17 Show GitHub Exploit DB Packet Storm
633 9.1 緊急
Network 		neutrinolabs xrdp neutrinolabsのxrdpにおける境界外読み取りに関する脆弱性 New CWE-125
境界外読み取り 		CVE-2026-33689 2026-04-28 10:13 2026-04-17 Show GitHub Exploit DB Packet Storm
634 2.9
Local 		オラクル Oracle GraalVM for JDK
Oracle GraalVM
JRE
JDK 		オラクルのOracle GraalVM等の複数製品における情報漏えいに関する脆弱性 New CWE-200
情報漏えい 		CVE-2026-34268 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
635 9.8 緊急
Network 		オラクル Oracle Advanced Inbound Telephony オラクルのOracle Advanced Inbound Telephonyにおける重要な機能に対する認証の欠如に関する脆弱性 New CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-34275 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
636 7.5 重要
Network 		オラクル Oracle GraalVM for JDK
Oracle GraalVM
JRE
JDK 		オラクルのOracle GraalVM等の複数製品におけるリソースの枯渇に関する脆弱性 New CWE-400
リソースの枯渇 		CVE-2026-34282 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
637 2.4
Network 		オラクル Oracle Database オラクルのOracle Databaseにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-34312 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
638 5.3 警告
Network 		Electron electron Electronのelectronにおける境界外読み取りに関する脆弱性 New CWE-125
境界外読み取り 		CVE-2026-34776 2026-04-28 10:13 2026-04-4 Show GitHub Exploit DB Packet Storm
639 5.4 警告
Network 		オラクル Oracle Fusion Middleware オラクルのOracle Fusion Middlewareにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-35232 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
640 6.4 警告
Network 		オラクル Oracle Fusion Middleware オラクルのOracle Fusion Middlewareにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-35252 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348341 - t._hauck jana_web_server Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server. NVD-CWE-Other
CVE-2002-1064 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348342 - t._hauck jana_web_server Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute… NVD-CWE-Other
CVE-2002-1065 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348343 - t._hauck jana_web_server Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command t… NVD-CWE-Other
CVE-2002-1066 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348344 - seh ic9_pocket_print_server_firmware Administrative web interface for IC9 Pocket Print Server Firmware 7.1.30 and 7.1.36f allows remote attackers to cause a denial of service (reboot and reset) via a long password, possibly due to a buf… NVD-CWE-Other
CVE-2002-1067 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348345 - php-wiki php-wiki Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki users via the pagename parameter. NVD-CWE-Other
CVE-2002-1070 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348346 - zyxel prestige ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set. NVD-CWE-Other
CVE-2002-1071 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348347 - zyxel prestige ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a denial of service via an oversized, fragmented "jolt" style ICMP packet. NVD-CWE-Other
CVE-2002-1072 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348348 - atrium_software mercur_mailserver Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password. NVD-CWE-Other
CVE-2002-1073 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348349 - david_harris pegasus_mail Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers. NVD-CWE-Other
CVE-2002-1075 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm
348350 - ipswitch imail Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0. NVD-CWE-Other
CVE-2002-1076 2008-09-6 05:29 2002-10-4 Show GitHub Exploit DB Packet Storm