Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 12:08 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191211	7.8	重要 Local	The NASM development team	-	Netwide Assembler の preproc.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2017-11111	2017-08-3 10:46	2017-07-25	Show	GitHub Exploit DB Packet Storm

191212	4.9	警告 Network	DELL EMC (旧 EMC Corporation)	-	EMC Data Protection Advisor におけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2017-8003	2017-08-3 10:23	2017-07-6	Show	GitHub Exploit DB Packet Storm

191213	8.8	重要 Network	DELL EMC (旧 EMC Corporation)	-	EMC Data Protection Advisor における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2017-8002	2017-08-3 10:23	2017-07-6	Show	GitHub Exploit DB Packet Storm

191214	6.5	警告 Network	IBM	-	IBM WebSphere MQ におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2017-1236	2017-08-3 10:14	2017-06-15	Show	GitHub Exploit DB Packet Storm

191215	5.4	警告 Network	IBM	-	IBM Rational Team Concert におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-1113	2017-08-3 10:14	2017-06-30	Show	GitHub Exploit DB Packet Storm

191216	5.4	警告 Network	IBM	-	IBM Jazz Reporting Service におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-1096	2017-08-3 10:14	2017-06-30	Show	GitHub Exploit DB Packet Storm

191217	7.5	重要 Network	IBM	-	IBM Security Guardium におけるリソースまたは機能を公開される脆弱性	CWE-287 不適切な認証	CVE-2017-1264	2017-08-2 19:00	2017-06-29	Show	GitHub Exploit DB Packet Storm

191218	6.5	警告 Network	IBM	-	IBM Security Guardium における認証に関する脆弱性	CWE-287 不適切な認証	CVE-2017-1258	2017-08-2 19:00	2017-06-29	Show	GitHub Exploit DB Packet Storm

191219	7.1	重要 Network	IBM	-	IBM Security Guardium における XML 外部エンティティインジェクションの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2017-1254	2017-08-2 19:00	2017-06-29	Show	GitHub Exploit DB Packet Storm

191220	9.9	緊急 Network	IBM	-	IBM Security Guardium におけるシステム上で任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2017-1253	2017-08-2 19:00	2017-06-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
361	-		-	-	Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800 New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-30810	2026-05-13 01:47	2026-05-13	Show	GitHub Exploit DB Packet Storm

362	-		-	-	Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800 New	CWE-89 SQL Injection	CVE-2026-34187	2026-05-13 01:47	2026-05-13	Show	GitHub Exploit DB Packet Storm

363	-		-	-	An improper authorization vulnerability in HCL BigFix WebUI allows an authenticated user without Master Operator privileges to access internal data (site names, versions, and configuration variables)… Update	CWE-863 Incorrect Authorization	CVE-2025-15633	2026-05-13 01:45	2026-05-9	Show	GitHub Exploit DB Packet Storm

364	-		-	-	A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sensitive environmental information via direct URL access to the unauthorized… Update	CWE-862 Missing Authorization	CVE-2025-15634	2026-05-13 01:45	2026-05-9	Show	GitHub Exploit DB Packet Storm

365	-		-	-	ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, a composite denial-of-service vulnerability in Zebra's block discovery pipeline allows an unauthenticated remote attacker to pe… Update	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-44499	2026-05-13 01:45	2026-05-9	Show	GitHub Exploit DB Packet Storm

366	5.3	MEDIUM Network	-	-	novaGallery is a php image gallery. Prior to version 2.1.1, a path traversal vulnerability has been identified in novaGallery. This allows unauthenticated users to read image files outside the intend… Update	CWE-22 Path Traversal	CVE-2026-42028	2026-05-13 01:45	2026-05-9	Show	GitHub Exploit DB Packet Storm

367	7.5	HIGH Network	-	-	Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography. Update	CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)	CVE-2026-6659	2026-05-13 01:45	2026-05-9	Show	GitHub Exploit DB Packet Storm

368	-		-	-	Emlog is an open source website building system. Prior to version 2.6.11, insecure plugin upload functionality allows attackers to upload and execute arbitrary PHP code, leading to complete server co… Update	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-41517	2026-05-13 01:45	2026-05-9	Show	GitHub Exploit DB Packet Storm

369	9.1	CRITICAL Network	-	-	Plunk is an open-source email platform built on top of AWS SES. Prior to version 0.9.0, the /webhooks/sns endpoint accepts Amazon SNS notification payloads from unauthenticated requests without verif… Update	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-42193	2026-05-13 01:45	2026-05-9	Show	GitHub Exploit DB Packet Storm

370	3.4	LOW Network	-	-	draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.9, the draw.io client accepts a ?gitlab= URL parameter that overrides the GitLab server URL used during OAut… Update	CWE-200 CWE-601 Information Exposure Open Redirect	CVE-2026-42195	2026-05-13 01:45	2026-05-9	Show	GitHub Exploit DB Packet Storm