Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 2:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190791 9.8 緊急
Network 		PHICOMM - PHICOMM K2 デバイスにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-11495 2017-09-7 10:42 2017-07-22 Show GitHub Exploit DB Packet Storm
190792 9.8 緊急
Network 		OnePlus - OnePlus 2 Primary Bootloader における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-11105 2017-09-6 18:22 2017-08-1 Show GitHub Exploit DB Packet Storm
190793 9.8 緊急
Network 		Zoho Corporation - Zoho ManageEngine OpManager における暗号に関する脆弱性 CWE-310
暗号の問題 		CVE-2015-9107 2017-09-6 18:16 2015-10-8 Show GitHub Exploit DB Packet Storm
190794 7.8 重要
Local 		NVIDIA - NVIDIA Windows GPU Display Driver における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-6252 2017-09-6 18:02 2017-07-24 Show GitHub Exploit DB Packet Storm
190795 7.8 重要
Local 		NVIDIA - NVIDIA Windows GPU Display Driver におけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-6251 2017-09-6 18:02 2017-07-24 Show GitHub Exploit DB Packet Storm
190796 9.8 緊急
Network 		shadow project - shadow におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-12424 2017-09-6 17:41 2017-03-31 Show GitHub Exploit DB Packet Storm
190797 6.1 警告
Network 		Andreas Gohr - DokuWiki におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-12583 2017-09-6 17:39 2017-08-12 Show GitHub Exploit DB Packet Storm
190798 4.8 警告
Network 		Splunk - Splunk Enterprise および Splunk Light におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-12572 2017-09-6 17:39 2017-02-23 Show GitHub Exploit DB Packet Storm
190799 6.1 警告
Network 		アクシスコミュニケーションズ - AXIS 2100 デバイスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-12413 2017-09-6 17:35 2017-08-4 Show GitHub Exploit DB Packet Storm
190800 7.3 重要
Local 		Dashlane Inc. - Dashlane における信頼性のない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2017-11657 2017-09-6 17:27 2017-08-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
91 9.8 CRITICAL
Network 		- - Tyler Identity Local (TID-L) uses documented, default administrative credentials. Users are not required to change the credentials before deployment. TID-L has not been distributed since December 202… New CWE-1392
 Use of Default Credentials 		CVE-2026-44159 2026-05-20 02:57 2026-05-20 Show GitHub Exploit DB Packet Storm
92 5.8 MEDIUM
Network 		- - Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network tr… New CWE-405
CWE-406
CWE-770
 Asymmetric Resource Consumption (Amplification)
 Insufficient Control of Network Message Volume (Network Amplification)
 Allocation of Resources Without Limits or Throttling 		CVE-2026-45557 2026-05-20 02:57 2026-05-20 Show GitHub Exploit DB Packet Storm
93 8.1 HIGH
Network 		- - NGINX JavaScript has a vulnerability when the js_fetch_proxy directive is configured with at least one client-controlled NGINX variable (for example, $http_*, $arg_*, $cookie_*) and a location invoki… New CWE-122
Heap-based Buffer Overflow 		CVE-2026-8711 2026-05-20 02:57 2026-05-20 Show GitHub Exploit DB Packet Storm
94 8.4 HIGH
Local 		- - An improper authentication vulnerability was discovered in the Motorola Factory Test component (com.motorola.motocit). The application contained a reference to a writable file descriptor in external … New - CVE-2026-5804 2026-05-20 02:57 2026-05-20 Show GitHub Exploit DB Packet Storm
95 5.0 MEDIUM
Network 		mattermost mattermost_server Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate the Host header when constructing response URLs for custom slash commands which allows an authenticated attacker to redirect… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-6333 2026-05-20 02:51 2026-05-18 Show GitHub Exploit DB Packet Storm
96 4.8 MEDIUM
Network 		nozominetworks cmc
guardian 		A Stored HTML Injection vulnerability was discovered in the Credentials Manager functionality due to improper validation of an input parameter. An authenticated user with administrative privileges ca… New CWE-79
Cross-site Scripting 		CVE-2025-40901 2026-05-20 02:47 2026-05-19 Show GitHub Exploit DB Packet Storm
97 9.8 CRITICAL
Network 		h2o h2o A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a… New CWE-20
CWE-502
 Improper Input Validation 
 Deserialization of Untrusted Data 		CVE-2026-8751 2026-05-20 02:46 2026-05-17 Show GitHub Exploit DB Packet Storm
98 4.8 MEDIUM
Network 		nozominetworks cmc
guardian 		A Stored HTML Injection vulnerability was discovered in the Users functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can create a mal… New CWE-79
Cross-site Scripting 		CVE-2025-40902 2026-05-20 02:44 2026-05-19 Show GitHub Exploit DB Packet Storm
99 4.8 MEDIUM
Network 		nozominetworks cmc
guardian 		A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileg… New CWE-79
Cross-site Scripting 		CVE-2025-40903 2026-05-20 02:44 2026-05-19 Show GitHub Exploit DB Packet Storm
100 5.3 MEDIUM
Network 		h2o h2o A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the compon… New CWE-266
CWE-284
NVD-CWE-noinfo
 Incorrect Privilege Assignment
Improper Access Control 		CVE-2026-8752 2026-05-20 02:44 2026-05-17 Show GitHub Exploit DB Packet Storm