Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190971 9.8 緊急
Network 		OnePlus - OnePlus 2 Primary Bootloader における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-11105 2017-09-6 18:22 2017-08-1 Show GitHub Exploit DB Packet Storm
190972 9.8 緊急
Network 		Zoho Corporation - Zoho ManageEngine OpManager における暗号に関する脆弱性 CWE-310
暗号の問題 		CVE-2015-9107 2017-09-6 18:16 2015-10-8 Show GitHub Exploit DB Packet Storm
190973 7.8 重要
Local 		NVIDIA - NVIDIA Windows GPU Display Driver における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-6252 2017-09-6 18:02 2017-07-24 Show GitHub Exploit DB Packet Storm
190974 7.8 重要
Local 		NVIDIA - NVIDIA Windows GPU Display Driver におけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-6251 2017-09-6 18:02 2017-07-24 Show GitHub Exploit DB Packet Storm
190975 9.8 緊急
Network 		shadow project - shadow におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-12424 2017-09-6 17:41 2017-03-31 Show GitHub Exploit DB Packet Storm
190976 6.1 警告
Network 		Andreas Gohr - DokuWiki におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-12583 2017-09-6 17:39 2017-08-12 Show GitHub Exploit DB Packet Storm
190977 4.8 警告
Network 		Splunk - Splunk Enterprise および Splunk Light におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-12572 2017-09-6 17:39 2017-02-23 Show GitHub Exploit DB Packet Storm
190978 6.1 警告
Network 		アクシスコミュニケーションズ - AXIS 2100 デバイスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-12413 2017-09-6 17:35 2017-08-4 Show GitHub Exploit DB Packet Storm
190979 7.3 重要
Local 		Dashlane Inc. - Dashlane における信頼性のない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2017-11657 2017-09-6 17:27 2017-08-3 Show GitHub Exploit DB Packet Storm
190980 9.1 緊急
Network 		MEDHOST, Inc. - MEDHOST Document Management System におけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2017-11694 2017-09-6 17:18 2017-07-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
901 3.7 LOW
Network 		- - A flaw has been found in opensourcepos Open Source Point of Sale up to 3.4.2. Impacted is the function Login of the file app/Models/Employee.php of the component Employee Login. This manipulation cau… CWE-327
CWE-328
 Use of a Broken or Risky Cryptographic Algorithm
 Use of Weak Hash 		CVE-2026-8803 2026-05-18 21:16 2026-05-18 Show GitHub Exploit DB Packet Storm
902 - - - Denial-of-service condition in M-Files Server versions before 26.5.16015.0, before 26.2 LTS, and before 25.8 LTS SR3 allows an authenticated user to cause the MFserver process to crash CWE-1286
 Improper Validation of Syntactic Correctness of Input 		CVE-2026-0983 2026-05-18 21:16 2026-05-18 Show GitHub Exploit DB Packet Storm
903 7.5 HIGH
Network 		netty netty Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the MQTT 5 header Properties section is parsed and buffered before any message size limi… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-44248 2026-05-18 21:15 2026-05-14 Show GitHub Exploit DB Packet Storm
904 8.2 HIGH
Network 		thecodingmachine gotenberg Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary… CWE-184
 Incomplete Blacklist 		CVE-2026-42590 2026-05-18 21:15 2026-05-15 Show GitHub Exploit DB Packet Storm
905 9.1 CRITICAL
Network 		netty netty Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll() onc… CWE-444
HTTP Request Smuggling 		CVE-2026-42584 2026-05-18 21:15 2026-05-14 Show GitHub Exploit DB Packet Storm
906 4.3 MEDIUM
Network 		- - A vulnerability was detected in opensourcepos Open Source Point of Sale up to 3.4.2. This issue affects the function getPicThumb of the file app/Controllers/Items.php. The manipulation of the argumen… CWE-22
Path Traversal 		CVE-2026-8802 2026-05-18 20:16 2026-05-18 Show GitHub Exploit DB Packet Storm
907 - - - Authorization Bypass vulnerability in Creartia's ICMS software could allow an attacker to gain unauthorized access to protected features by manipulating the HTTP redirect headers of the login process… CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-4320 2026-05-18 20:16 2026-05-18 Show GitHub Exploit DB Packet Storm
908 7.3 HIGH
Network 		- - A flaw has been found in projectworlds hospital-management-system-in-php 1.0. Affected by this vulnerability is the function getAllPatientDetail of the file update_info.php of the component GET Param… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-8785 2026-05-18 13:16 2026-05-18 Show GitHub Exploit DB Packet Storm
909 4.2 MEDIUM
Local 		- - A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function change_file_status of the file cramfsck.c. Performing a manipulation results in symlink following. The attack r… CWE-59
CWE-61
Link Following
 UNIX Symbolic Link (Symlink) Following 		CVE-2026-8784 2026-05-18 13:16 2026-05-18 Show GitHub Exploit DB Packet Storm
910 4.3 MEDIUM
Network 		- - A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to nul… CWE-404
CWE-476
 Improper Resource Shutdown or Release
 NULL Pointer Dereference 		CVE-2026-8783 2026-05-18 13:16 2026-05-18 Show GitHub Exploit DB Packet Storm