Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190921 8.2 重要
Network 		オラクル - Oracle E-Business Suite の Oracle CRM Technical Foundation における User Management に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10185 2017-08-21 15:07 2017-07-18 Show GitHub Exploit DB Packet Storm
190922 5.3 警告
Network 		オラクル - Oracle E-Business Suite の Oracle Field Service における Wireless/WAP に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10184 2017-08-21 15:07 2017-07-18 Show GitHub Exploit DB Packet Storm
190923 8.2 重要
Network 		オラクル - Oracle E-Business Suite の Oracle CRM Technical Foundation における CMRO に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10180 2017-08-21 15:07 2017-07-18 Show GitHub Exploit DB Packet Storm
190924 6.5 警告
Network 		オラクル - Oracle E-Business Suite の Application Management Pack for Oracle E-Business Suite における User Monitoring に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10179 2017-08-21 15:07 2017-07-18 Show GitHub Exploit DB Packet Storm
190925 8.1 重要
Network 		オラクル - Oracle E-Business Suite の Oracle Application Object Library における Flexfields に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10177 2017-08-21 15:07 2017-07-18 Show GitHub Exploit DB Packet Storm
190926 4.3 警告
Network 		オラクル - Oracle E-Business Suite の Oracle iSupport における Profiles に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10175 2017-08-21 15:06 2017-07-18 Show GitHub Exploit DB Packet Storm
190927 8.2 重要
Network 		オラクル - Oracle E-Business Suite の Oracle iSupport における Service Request に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10174 2017-08-21 15:06 2017-07-18 Show GitHub Exploit DB Packet Storm
190928 8.2 重要
Network 		オラクル - Oracle E-Business Suite の Oracle Marketing における Home Page に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10171 2017-08-21 15:06 2017-07-18 Show GitHub Exploit DB Packet Storm
190929 8.2 重要
Network 		オラクル - Oracle E-Business Suite の Oracle Field Service における Wireless/WAP に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10170 2017-08-21 15:06 2017-07-18 Show GitHub Exploit DB Packet Storm
190930 7.5 重要
Network 		オラクル - Oracle E-Business Suite の Oracle Applications Manager における Oracle Diagnostics Interfaces に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-10144 2017-08-21 15:06 2017-07-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
141 4.4 MEDIUM
Network 		- - ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close() implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the… New CWE-908
 Use of Uninitialized Resource 		CVE-2026-45736 2026-05-16 11:16 2026-05-16 Show GitHub Exploit DB Packet Storm
142 4.3 MEDIUM
Network 		- - phpMyFAQ before 4.1.2 contains missing permission checks in ConfigurationTabController.php where 12 endpoints use userIsAuthenticated() instead of userHasPermission(CONFIGURATION_EDIT). Any authentic… New CWE-862
 Missing Authorization 		CVE-2026-45007 2026-05-16 11:16 2026-05-16 Show GitHub Exploit DB Packet Storm
143 6.1 MEDIUM
Network 		- - Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.1, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Vvveb CMS com… New CWE-79
Cross-site Scripting 		CVE-2026-44366 2026-05-16 11:16 2026-05-16 Show GitHub Exploit DB Packet Storm
144 5.5 MEDIUM
Local 		microsoft word Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally. Update CWE-284
NVD-CWE-noinfo
Improper Access Control 		CVE-2026-41101 2026-05-16 11:09 2026-05-13 Show GitHub Exploit DB Packet Storm
145 5.5 MEDIUM
Local 		microsoft powerpoint Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally. Update CWE-284
Improper Access Control 		CVE-2026-41102 2026-05-16 11:08 2026-05-13 Show GitHub Exploit DB Packet Storm
146 9.1 CRITICAL
Network 		microsoft confluence_saml_sso
jira_saml_sso 		Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network. Update CWE-303
NVD-CWE-Other
 Incorrect Implementation of Authentication Algorithm 		CVE-2026-41103 2026-05-16 11:07 2026-05-13 Show GitHub Exploit DB Packet Storm
147 7.8 HIGH
Local 		microsoft office Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Update CWE-122
Heap-based Buffer Overflow 		CVE-2026-42831 2026-05-16 11:05 2026-05-13 Show GitHub Exploit DB Packet Storm
148 5.5 MEDIUM
Local 		microsoft excel
office
word 		Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally. Update CWE-284
NVD-CWE-noinfo
Improper Access Control 		CVE-2026-42832 2026-05-16 11:03 2026-05-13 Show GitHub Exploit DB Packet Storm
149 5.5 MEDIUM
Local 		fortinet forticlient A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via <insert at… Update CWE-321
 Use of Hard-coded Cryptographic Key 		CVE-2026-44278 2026-05-16 10:59 2026-05-13 Show GitHub Exploit DB Packet Storm
150 5.5 MEDIUM
Local 		fortinet fortitoken_mobile A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow atta… Update CWE-926
 Improper Export of Android Application Components 		CVE-2026-44279 2026-05-16 10:57 2026-05-13 Show GitHub Exploit DB Packet Storm