Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
751	7.5	重要 Network	Linaro	OP-TEE Trusted OS	LinaroのOP-TEE Trusted OSにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2026-33662	2026-04-30 11:03	2026-04-24	Show	GitHub Exploit DB Packet Storm

752	7.4	重要 Network	OpenProject	OpenProject	OpenProjectにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2026-33667	2026-04-30 11:03	2026-04-15	Show	GitHub Exploit DB Packet Storm

753	6.7	警告 Local	デル	data domain operating system	デルのdata domain operating systemにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-35154	2026-04-30 11:03	2026-04-20	Show	GitHub Exploit DB Packet Storm

754	3.3	低 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける指定された機能の不適切な提供に関する脆弱性	CWE-684 指定された機能の不適切な提供	CVE-2026-35379	2026-04-30 11:03	2026-04-22	Show	GitHub Exploit DB Packet Storm

755	5.5	警告 Local	Uutils	uutils coreutils	Uutilsのuutils coreutilsにおける入力確認に関する脆弱性	CWE-20 CWE-noinfo	CVE-2026-35380	2026-04-30 11:03	2026-04-22	Show	GitHub Exploit DB Packet Storm

756	10	緊急 Network	マイクロソフト	Microsoft Entra ID	Microsoft Entra ID Entitlement Management Spoofing Vulnerability	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-35431	2026-04-30 11:03	2026-04-23	Show	GitHub Exploit DB Packet Storm

757	5.3	警告 Network	oobabooga	TextGen	oobaboogaのTextGenにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-35484	2026-04-30 11:03	2026-04-7	Show	GitHub Exploit DB Packet Storm

758	7.5	重要 Network	oobabooga	TextGen	oobaboogaのTextGenにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-35485	2026-04-30 11:03	2026-04-7	Show	GitHub Exploit DB Packet Storm

759	8.8	重要 Network	Pi-hole	FTLDNS	Pi-holeのFTLDNSにおける複数の脆弱性	CWE-78 CWE-93	CVE-2026-35517	2026-04-30 11:03	2026-04-7	Show	GitHub Exploit DB Packet Storm

760	8.8	重要 Network	Pi-hole	FTLDNS	Pi-holeのFTLDNSにおける複数の脆弱性	CWE-78 CWE-93	CVE-2026-35518	2026-04-30 11:03	2026-04-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347491	-	dotclear	dotclear	Unspecified vulnerability in the Trackback functionality in DotClear 1.2.1 has unknown impact and attack vectors.	NVD-CWE-Other	CVE-2005-3957	2008-09-6 05:55	2005-12-1	Show	GitHub Exploit DB Packet Storm

347492	-	tradesoft	tradesoft_cms	Multiple SQL injection vulnerabilities in Tradesoft CMS allow remote attackers to execute arbitrary SQL commands via unspecified attack vectors.	NVD-CWE-Other	CVE-2005-3987	2008-09-6 05:55	2005-12-5	Show	GitHub Exploit DB Packet Storm

347493	-	wineggdropshell	wineggdropshell	Multiple buffer overflows in WinEggDropShell remote access trojan (RAT) 1.7 allow remote attackers to execute arbitrary code via (1) a long GET request to the HTTP server, or a long (2) USER or (3) P…	NVD-CWE-Other	CVE-2005-3992	2008-09-6 05:55	2005-12-5	Show	GitHub Exploit DB Packet Storm

347494	-	esi_products	webeoc	WebEOC before 6.0.2 uses the same secret key for all installations, which allows attackers with the key to decrypt data from any WebEOC installation.	NVD-CWE-Other	CVE-2005-4002	2008-09-6 05:55	2005-12-5	Show	GitHub Exploit DB Packet Storm

347495	-	-	-	Help Desk Reloaded Free Help Desk does not remove or protect install.php once installation is complete, which allows remote attackers to gain privileges via a direct request to install.php, then navi…	NVD-CWE-Other	CVE-2005-4025	2008-09-6 05:55	2005-12-5	Show	GitHub Exploit DB Packet Storm

347496	-	amember	amember	Multiple cross-site scripting (XSS) vulnerabilities in aMember allow remote attackers to inject arbitrary web script or HTML via the (1) lamember_login parameter to sendpass.php and (2) login paramet…	NVD-CWE-Other	CVE-2005-4028	2008-09-6 05:55	2005-12-5	Show	GitHub Exploit DB Packet Storm

347497	-	esi_products	webeoc	WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could be useful in other attacks such as locking out valid users via brute…	NVD-CWE-Other	CVE-2005-4029	2008-09-6 05:55	2005-12-5	Show	GitHub Exploit DB Packet Storm

347498	-	phpmyadmin	phpmyadmin	PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows remote attackers to include local files via the $__redirect parameter, possibly involving the subform…	NVD-CWE-Other	CVE-2005-3299	2008-09-6 05:54	2005-10-24	Show	GitHub Exploit DB Packet Storm

347499	-	siteturn	domain_manager_pro	Cross-site scripting (XSS) vulnerability in SiteTurn Domain Manager Pro allows remote attackers to inject arbitrary web script or HTML via the err parameter in the panel script.	NVD-CWE-Other	CVE-2005-3320	2008-09-6 05:54	2005-10-27	Show	GitHub Exploit DB Packet Storm

347500	-	mybulletinboard	mybulletinboard	SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the awayday parameter.	NVD-CWE-Other	CVE-2005-3326	2008-09-6 05:54	2005-10-27	Show	GitHub Exploit DB Packet Storm