Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
931 10 緊急
Network 		Smallstep Step CA SmallstepのStep CAにおける複数の脆弱性 CWE-287
CWE-295
CWE-295
CVE-2026-30836 2026-04-28 10:11 2026-03-19 Show GitHub Exploit DB Packet Storm
932 4.7 警告
Local 		GL.iNet Comet (GL-RM1) Firmware GL.iNetのComet (GL-RM1) Firmwareにおけるデータの信頼性についての不十分な検証に関する脆弱性 CWE-345
データの信頼性についての不十分な検証 		CVE-2026-32290 2026-04-28 10:11 2026-03-17 Show GitHub Exploit DB Packet Storm
933 6.8 警告
Physics 		GL.iNet Comet (GL-RM1) Firmware GL.iNetのComet (GL-RM1) Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-32291 2026-04-28 10:11 2026-03-17 Show GitHub Exploit DB Packet Storm
934 7.5 重要
Network 		GL.iNet Comet (GL-RM1) Firmware GL.iNetのComet (GL-RM1) Firmwareにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2026-32292 2026-04-28 10:11 2026-03-17 Show GitHub Exploit DB Packet Storm
935 3.7
Network 		GL.iNet Comet (GL-RM1) Firmware GL.iNetのComet (GL-RM1) Firmwareにおける証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2026-32293 2026-04-28 10:11 2026-03-17 Show GitHub Exploit DB Packet Storm
936 6.5 警告
Network 		オラクル PeopleSoft Enterprise FIN Contracts オラクルのPeopleSoft Enterprise FIN Contractsにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-34300 2026-04-28 10:11 2026-04-21 Show GitHub Exploit DB Packet Storm
937 3.7
Network 		Smallstep Step CA SmallstepのStep CAにおける配列インデックスの検証に関する脆弱性 CWE-129
配列インデックスの不適切な検証 		CVE-2026-40097 2026-04-28 10:11 2026-04-10 Show GitHub Exploit DB Packet Storm
938 8.2 重要
Network 		Saltcorn Saltcorn Saltcornにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-40163 2026-04-28 10:11 2026-04-10 Show GitHub Exploit DB Packet Storm
939 6.1 警告
Network 		AdonisJS adonisjs/http-server
AdonisJS Core 		AdonisJSのAdonisJS Core等の複数製品におけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-40255 2026-04-28 10:11 2026-04-16 Show GitHub Exploit DB Packet Storm
940 9.3 緊急
Local 		MinecAnton209 NovumOS MinecAnton209のNovumOSにおける複数の脆弱性 CWE-20
CWE-269
CVE-2026-40317 2026-04-28 10:11 2026-04-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313841 - postgresql
trustix
mandrakesoft
redhat 		postgresql
secure_linux
mandrake_linux_corporate_server
enterprise_linux_desktop
enterprise_linux
mandrake_linux 		The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files. NVD-CWE-Other
CVE-2004-0977 2024-02-3 01:33 2005-02-9 Show GitHub Exploit DB Packet Storm
313842 9.8 CRITICAL
Network 		mit
openpkg
debian 		kerberos_5
openpkg
debian_linux 		Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code. CWE-415
 Double Free 		CVE-2004-0772 2024-02-3 00:27 2004-10-20 Show GitHub Exploit DB Packet Storm
313843 - mit
debian
redhat 		kerberos_5
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server 		Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow… CWE-415
 Double Free 		CVE-2004-0642 2024-02-3 00:27 2004-09-28 Show GitHub Exploit DB Packet Storm
313844 9.8 CRITICAL
Network 		mit
apple
debian 		kerberos_5
mac_os_x_server
mac_os_x
debian_linux 		Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. CWE-415
 Double Free 		CVE-2005-1689 2024-02-3 00:24 2005-07-18 Show GitHub Exploit DB Packet Storm
313845 7.8 HIGH
Local 		microsoft outlook
internet_explorer
windows_xp
windows_server_2003
windows_98
windows_me
windows_98se
windows_nt 		Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. CWE-415
 Double Free 		CVE-2003-1048 2024-02-3 00:23 2004-07-27 Show GitHub Exploit DB Packet Storm
313846 9.8 CRITICAL
Network 		openssl openssl Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 … CWE-415
 Double Free 		CVE-2003-0545 2024-02-3 00:23 2003-11-17 Show GitHub Exploit DB Packet Storm
313847 7.5 HIGH
Network 		gnome gtk Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image. CWE-415
 Double Free 		CVE-2005-0891 2024-02-3 00:22 2005-05-2 Show GitHub Exploit DB Packet Storm
313848 9.8 CRITICAL
Network 		zlib zlib The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow … CWE-415
 Double Free 		CVE-2002-0059 2024-02-3 00:16 2002-03-15 Show GitHub Exploit DB Packet Storm
313849 - linux linux_kernel Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2005-3119 2024-02-3 00:13 2005-10-12 Show GitHub Exploit DB Packet Storm
313850 - mit
redhat
mandrakesoft 		kerberos_ftp_client
linux
mandrake_linux
mandrake_multi_network_firewall 		Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client. CWE-78
OS Command  		CVE-2003-0041 2024-02-3 00:13 2003-02-19 Show GitHub Exploit DB Packet Storm