Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190891 7.8 重要
Local 		Sandboxie Holdings, LLC. - Sandboxie インストーラにおける信頼性のない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2017-12480 2017-09-5 16:37 2017-08-6 Show GitHub Exploit DB Packet Storm
190892 7.8 重要
Local 		OpenEXR - OpenEXR におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-12596 2017-09-5 16:37 2017-07-29 Show GitHub Exploit DB Packet Storm
190893 5.5 警告
Local 		Linux - Linux Kernel におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2006-3635 2017-09-5 16:32 2006-08-15 Show GitHub Exploit DB Packet Storm
190894 9.8 緊急
Network 		Actian Corporation - Actian Pervasive PSQL および Zen におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-11757 2017-09-5 16:24 2017-01-1 Show GitHub Exploit DB Packet Storm
190895 6.1 警告
Network 		シスコシステムズ - Cisco Adaptive Security Appliance におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-6765 2017-09-5 16:23 2017-08-2 Show GitHub Exploit DB Packet Storm
190896 5.4 警告
Network 		シスコシステムズ - Cisco Adaptive Security Appliance におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-6764 2017-09-5 16:23 2017-08-2 Show GitHub Exploit DB Packet Storm
190897 7.5 重要
Network 		シスコシステムズ - Cisco Meeting Server における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-6763 2017-09-5 16:23 2017-08-2 Show GitHub Exploit DB Packet Storm
190898 6.1 警告
Network 		シスコシステムズ - Cisco Jabber Guest Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-6762 2017-09-5 16:23 2017-08-2 Show GitHub Exploit DB Packet Storm
190899 6.1 警告
Network 		シスコシステムズ - Cisco Finesse におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-6761 2017-09-5 16:23 2017-08-2 Show GitHub Exploit DB Packet Storm
190900 6.5 警告
Network 		シスコシステムズ - Cisco Prime Collaboration Provisioning Tool における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-6759 2017-09-5 16:23 2017-08-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
801 7.5 HIGH
Network 		- - phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attac… Update CWE-89
SQL Injection 		CVE-2026-46359 2026-05-19 02:25 2026-05-16 Show GitHub Exploit DB Packet Storm
802 5.4 MEDIUM
Network 		- - phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in SvgSanitizer::decodeAllEntities() that limits recursive entity decoding to 5 iterations, allowing attackers to bypass san… Update CWE-79
Cross-site Scripting 		CVE-2026-46360 2026-05-19 02:25 2026-05-16 Show GitHub Exploit DB Packet Storm
803 6.9 MEDIUM
Network 		- - phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in search.twig where result.question and result.answerPreview are rendered with the raw filter, disabling autoescape protect… Update CWE-79
Cross-site Scripting 		CVE-2026-46361 2026-05-19 02:25 2026-05-16 Show GitHub Exploit DB Packet Storm
804 6.5 MEDIUM
Network 		- - phpMyFAQ before 4.1.2 contains an authorization bypass vulnerability in AbstractAdministrationController::userHasPermission() that fails to terminate execution after sending a forbidden response. Att… Update CWE-863
 Incorrect Authorization 		CVE-2026-46362 2026-05-19 02:25 2026-05-16 Show GitHub Exploit DB Packet Storm
805 5.4 MEDIUM
Network 		- - phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in FAQ creation and update endpoints that bypass sanitization through encode-decode cycles. The vulnerability allows authent… Update CWE-79
Cross-site Scripting 		CVE-2026-46363 2026-05-19 02:25 2026-05-16 Show GitHub Exploit DB Packet Storm
806 9.8 CRITICAL
Network 		- - phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector() and BuiltinCaptcha::saveCaptcha() methods that interpolate unsanitized User-Agent h… Update CWE-89
SQL Injection 		CVE-2026-46364 2026-05-19 02:25 2026-05-16 Show GitHub Exploit DB Packet Storm
807 5.4 MEDIUM
Network 		- - phpMyFAQ before 4.1.2 contains a missing authorization vulnerability in the DELETE /admin/api/content/tags/{tagId} endpoint that allows any authenticated user to delete tags. Any logged-in user, incl… Update CWE-862
 Missing Authorization 		CVE-2026-46365 2026-05-19 02:25 2026-05-16 Show GitHub Exploit DB Packet Storm
808 7.5 HIGH
Network 		- - phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId() method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted … Update CWE-863
 Incorrect Authorization 		CVE-2026-46366 2026-05-19 02:25 2026-05-16 Show GitHub Exploit DB Packet Storm
809 7.6 HIGH
Network 		- - phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in Utils::parseUrl() that allows authenticated users to inject JavaScript via malformed URLs in comments. Attackers can craf… Update CWE-79
Cross-site Scripting 		CVE-2026-46367 2026-05-19 02:25 2026-05-16 Show GitHub Exploit DB Packet Storm
810 6.1 MEDIUM
Network 		siemens teamcenter A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All … Update CWE-79
Cross-site Scripting 		CVE-2026-33862 2026-05-19 02:23 2026-05-12 Show GitHub Exploit DB Packet Storm