Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190371 8.8 重要
Network 		ManageEngine - ServiceDesk Plus などの製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-5301 2017-09-27 17:16 2014-08-16 Show GitHub Exploit DB Packet Storm
190372 9.8 緊急
Network 		SimpleSAMLphp - SimpleSAMLphp におけるセッションの固定化の脆弱性 CWE-384
セッションの固定化 		CVE-2017-12868 2017-09-27 16:46 2017-05-5 Show GitHub Exploit DB Packet Storm
190373 7.2 重要
Network 		fli4l - fli4l における HTTP レスポンス分割に関する脆弱性 CWE-113
HTTP レスポンスの分割 		CVE-2015-1445 2017-09-27 16:46 2015-01-30 Show GitHub Exploit DB Packet Storm
190374 9.8 緊急
Network 		Leadpages - WordPress 用 Double Opt-In for Download プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-7517 2017-09-27 16:46 2015-11-28 Show GitHub Exploit DB Packet Storm
190375 8.8 重要
Network 		Huawei - Huawei VCN500 における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-8334 2017-09-27 16:46 2015-11-26 Show GitHub Exploit DB Packet Storm
190376 8.8 重要
Network 		NoMachine - NoMachine における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-12763 2017-09-27 16:46 2017-08-11 Show GitHub Exploit DB Packet Storm
190377 7.5 重要
Network 		SAP - Hybris Commerce ソフトウェアにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-8871 2017-09-27 16:46 2014-10-29 Show GitHub Exploit DB Packet Storm
190378 9.8 緊急
Network 		SAP - SAP NetWeaver における XML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2015-7241 2017-09-27 16:32 2015-09-21 Show GitHub Exploit DB Packet Storm
190379 9.8 緊急
Network 		Froxlor - Froxlor における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2015-5959 2017-09-27 16:32 2015-07-29 Show GitHub Exploit DB Packet Storm
190380 8.1 重要
Network 		SalesAgility - SuiteCRM における競合状態に関する脆弱性 CWE-362
競合状態 		CVE-2015-5947 2017-09-27 16:32 2015-08-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
321 3.3 LOW
Local 		- - A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwg_next_entity of the file src/decode.c of the component DWG File Handler. The manipulation results in null … New CWE-404
CWE-476
 Improper Resource Shutdown or Release
 NULL Pointer Dereference 		CVE-2026-9503 2026-05-26 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm
322 5.3 MEDIUM
Local 		- - A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap… New CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error') 
Heap-based Buffer Overflow 		CVE-2026-9502 2026-05-26 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm
323 3.3 LOW
Local 		- - A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. Executing a manipul… New CWE-617
 Reachable Assertion 		CVE-2026-9501 2026-05-26 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm
324 3.7 LOW
Network 		- - PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification. New CWE-617
 Reachable Assertion 		CVE-2026-48852 2026-05-26 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm
325 3.1 LOW
Network 		- - PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session. New CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-48851 2026-05-26 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm
326 3.7 LOW
Network 		- - PuTTY 0.72 before 0.84 has a double free in RSA KEX. New CWE-415
 Double Free 		CVE-2026-48850 2026-05-26 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm
327 - - - Exposure of Sensitive Information Through Data Queries vulnerability in Apache Syncope. An administrator with adequate entitlements for Derived Schemas can create a malicious JEXL expression which a… New CWE-202
 Exposure of Sensitive Information Through Data Queries 		CVE-2026-42797 2026-05-26 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm
328 - - - Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted c… New CWE-653
 Improper Isolation or Compartmentalization 		CVE-2026-42782 2026-05-26 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm
329 4.3 MEDIUM
Network 		- - Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5. New CWE-352
 Origin Validation Error 		CVE-2026-24597 2026-05-26 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm
330 6.5 MEDIUM
Network 		- - Cross-Site Request Forgery (CSRF) vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through … New CWE-352
 Origin Validation Error 		CVE-2026-24574 2026-05-26 06:16 2026-05-26 Show GitHub Exploit DB Packet Storm