Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190401 8.8 重要
Local 		Xen プロジェクト - Xen における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-14319 2017-10-11 10:35 2017-09-12 Show GitHub Exploit DB Packet Storm
190402 6.5 警告
Local 		Xen プロジェクト - Xen における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-14318 2017-10-11 10:35 2017-09-12 Show GitHub Exploit DB Packet Storm
190403 5.6 警告
Local 		Xen プロジェクト - Xen における競合状態に関する脆弱性 CWE-362
競合状態 		CVE-2017-14317 2017-10-11 10:35 2017-09-12 Show GitHub Exploit DB Packet Storm
190404 8.8 重要
Local 		Xen プロジェクト - Xen における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2017-14316 2017-10-11 10:35 2017-09-12 Show GitHub Exploit DB Packet Storm
190405 9.8 緊急
Network 		UserDashboard project - Drupal 用 User Dashboard モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-7877 2017-10-11 10:30 2015-09-30 Show GitHub Exploit DB Packet Storm
190406 9.1 緊急
Network 		Carnegie Mellon University (Project Cyrus) - Cyrus IMAP における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-14230 2017-10-11 10:30 2017-09-3 Show GitHub Exploit DB Packet Storm
190407 4.4 警告
Local 		シスコシステムズ - Cisco IOS XE における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-6795 2017-10-10 18:44 2017-09-6 Show GitHub Exploit DB Packet Storm
190408 4.3 警告
Adjacent 		シスコシステムズ - Cisco IOS XE における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2017-12213 2017-10-10 18:44 2017-09-6 Show GitHub Exploit DB Packet Storm
190409 6.1 警告
Network 		Ellucian - Ellucian Banner Student におけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2015-5054 2017-10-10 17:54 2015-12-2 Show GitHub Exploit DB Packet Storm
190410 9.8 緊急
Network 		Ellucian - Ellucian Banner Student におけるパスワード管理機能に関する脆弱性 CWE-640
パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み 		CVE-2015-4689 2017-10-10 17:54 2015-12-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1131 8.4 HIGH
Network 		- - A stored cross-site scripting (XSS) vulnerability exists in certain 1xxx series NVR devices due to insufficient sanitization of user-supplied input in specific functional modules. Attackers can injec… Update CWE-79
Cross-site Scripting 		CVE-2026-6824 2026-06-2 02:07 2026-05-30 Show GitHub Exploit DB Packet Storm
1132 9.8 CRITICAL
Network 		- - Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials … Update CWE-798
 Use of Hard-coded Credentials 		CVE-2026-7786 2026-06-2 02:07 2026-05-30 Show GitHub Exploit DB Packet Storm
1133 5.7 MEDIUM
Adjacent 		- - The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password. Update CWE-552
 Files or Directories Accessible to External Parties 		CVE-2026-40425 2026-06-2 02:07 2026-05-30 Show GitHub Exploit DB Packet Storm
1134 8.8 HIGH
Adjacent 		- - The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or authorization. This allows attackers within BLE range … Update CWE-306
Missing Authentication for Critical Function 		CVE-2026-5768 2026-06-2 02:07 2026-05-30 Show GitHub Exploit DB Packet Storm
1135 8.3 HIGH
Adjacent 		- - Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials. Update CWE-798
 Use of Hard-coded Credentials 		CVE-2026-42929 2026-06-2 02:07 2026-05-30 Show GitHub Exploit DB Packet Storm
1136 8.3 HIGH
Adjacent 		- - The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change. Update CWE-1392
 Use of Default Credentials 		CVE-2026-42941 2026-06-2 02:07 2026-05-30 Show GitHub Exploit DB Packet Storm
1137 5.4 MEDIUM
Adjacent 		- - An authenticated user can download a backup of the Danelec MacGregor Voyage Data Recorder device which includes account data and password hashes. Update CWE-522
 Insufficiently Protected Credentials 		CVE-2026-42951 2026-06-2 02:07 2026-05-30 Show GitHub Exploit DB Packet Storm
1138 5.4 MEDIUM
Adjacent 		- - Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks. Update CWE-916
 Use of Password Hash With Insufficient Computational Effort 		CVE-2026-44611 2026-06-2 02:07 2026-05-30 Show GitHub Exploit DB Packet Storm
1139 4.3 MEDIUM
Adjacent 		- - Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address… New CWE-823
 Use of Out-of-range Pointer Offset 		CVE-2026-34193 2026-06-2 02:07 2026-06-1 Show GitHub Exploit DB Packet Storm
1140 - - - In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a buffer overflow could enable remote code execution on Poly Voice products on the Linux p… New CWE-121
Stack-based Buffer Overflow 		CVE-2026-0826 2026-06-2 02:07 2026-06-2 Show GitHub Exploit DB Packet Storm