Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 12:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190651 8.8 重要
Local 		HashiCorp - HashiCorp Vagrant VMware Fusion プラグインにおけるセキュリティ機能に関する脆弱性 CWE-254
セキュリティ機能 		CVE-2017-11741 2017-09-12 17:26 2017-08-2 Show GitHub Exploit DB Packet Storm
190652 7.4 重要
Network 		Tenable, Inc. - Nessus における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2017-11506 2017-09-12 17:26 2017-08-7 Show GitHub Exploit DB Packet Storm
190653 9.8 緊急
Network 		Apache Software Foundation - Apache CXF における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2012-0803 2017-09-12 17:26 2012-01-19 Show GitHub Exploit DB Packet Storm
190654 7.5 重要
Network 		GNOME Project - librest におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2015-2675 2017-09-12 17:25 2015-01-9 Show GitHub Exploit DB Packet Storm
190655 9.8 緊急
Network 		Google - Linux Kernel を使用している CAF リリースの Android のすべての Qualcomm 製品における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2015-9043 2017-09-12 17:15 2017-07-5 Show GitHub Exploit DB Packet Storm
190656 9.8 緊急
Network 		Google - Linux Kernel を使用している CAF リリースの Android のすべての Qualcomm 製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2015-9042 2017-09-12 17:15 2017-07-5 Show GitHub Exploit DB Packet Storm
190657 9.8 緊急
Network 		Google - Linux Kernel を使用している CAF リリースの Android のすべての Qualcomm 製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2015-9041 2017-09-12 17:15 2017-07-5 Show GitHub Exploit DB Packet Storm
190658 9.8 緊急
Network 		Google - Linux Kernel を使用している CAF リリースの Android のすべての Qualcomm 製品におけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2015-9040 2017-09-12 17:15 2017-07-5 Show GitHub Exploit DB Packet Storm
190659 9.8 緊急
Network 		Google - Linux Kernel を使用している CAF リリースの Android のすべての Qualcomm 製品における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2015-9039 2017-09-12 17:15 2017-07-5 Show GitHub Exploit DB Packet Storm
190660 9.8 緊急
Network 		Google - Linux Kernel を使用している CAF リリースの Android のすべての Qualcomm 製品における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2015-9038 2017-09-12 17:15 2017-07-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1 8.1 HIGH
Network 		microsoft malware_protection_engine Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network. New CWE-122
Heap-based Buffer Overflow 		CVE-2026-45584 2026-05-21 03:56 2026-05-20 Show GitHub Exploit DB Packet Storm
2 7.8 HIGH
Local 		microsoft windows_admin_center Improper link resolution before file access ('link following') in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally. New CWE-59
Link Following 		CVE-2026-42834 2026-05-21 03:29 2026-05-20 Show GitHub Exploit DB Packet Storm
3 9.8 CRITICAL
Network 		- - Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15. New CWE-862
 Missing Authorization 		CVE-2026-8495 2026-05-21 03:16 2026-05-20 Show GitHub Exploit DB Packet Storm
4 5.4 MEDIUM
Network 		- - Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Colorbox Inline allows Cross-Site Scripting (XSS). This issue affects Colorbox Inline: fr… New CWE-79
Cross-site Scripting 		CVE-2026-8493 2026-05-21 03:16 2026-05-20 Show GitHub Exploit DB Packet Storm
5 2.7 LOW
Network 		- - Modification of Assumed-Immutable Data (MAID) vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing. This issue affects Translate Drupal with GTranslate: from 0.… New CWE-471
 Modification of Assumed-Immutable Data (MAID) 		CVE-2026-8492 2026-05-21 03:16 2026-05-20 Show GitHub Exploit DB Packet Storm
6 3.7 LOW
Network 		- - Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects Node View Permissions: from 0.0.0 before 1.7.0, from 2… New CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2026-8491 2026-05-21 03:16 2026-05-20 Show GitHub Exploit DB Packet Storm
7 5.8 MEDIUM
Network 		- - The Decent Comments WordPress plugin before 3.0.2 does not restrict access to comment author email addresses and post author email addresses via its REST API endpoint, allowing unauthenticated attack… New - CVE-2026-7385 2026-05-21 03:16 2026-05-20 Show GitHub Exploit DB Packet Storm
8 4.0 MEDIUM
Local 		- - Microsoft Defender Denial of Service Vulnerability New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-45498 2026-05-21 03:16 2026-05-20 Show GitHub Exploit DB Packet Storm
9 7.8 HIGH
Local 		- - Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally. New CWE-59
Link Following 		CVE-2026-41091 2026-05-21 03:16 2026-05-20 Show GitHub Exploit DB Packet Storm
10 4.8 MEDIUM
Network 		- - CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability exists in the admin role management interface. In a… New CWE-80
CWE-116
Basic XSS
 Improper Encoding or Escaping of Output 		CVE-2026-34246 2026-05-21 03:16 2026-05-20 Show GitHub Exploit DB Packet Storm