Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191211	9.8	緊急 Network	オラクル	-	Oracle GlassFish Server における Java キーストアのパスワードを公開される脆弱性	CWE-287 不適切な認証	CVE-2017-1000030	2017-08-9 14:10	2017-07-17	Show	GitHub Exploit DB Packet Storm

191212	7.5	重要 Network	オラクル	-	Oracle GlassFish Server におけるローカルファイルインクルージョンの脆弱性	CWE-200 情報漏えい	CVE-2017-1000029	2017-08-9 14:10	2017-07-17	Show	GitHub Exploit DB Packet Storm

191213	7.5	重要 Network	オラクル	-	Oracle GlassFish Server におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2017-1000028	2017-08-9 14:10	2017-07-17	Show	GitHub Exploit DB Packet Storm

191214	7.8	重要 Local	unrar-free	-	unrar-free の unrarlib.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2017-11190	2017-08-9 11:29	2017-07-7	Show	GitHub Exploit DB Packet Storm

191215	6.5	警告 Network	unrar-free	-	unrar-free の unrarlib.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2017-11189	2017-08-9 11:29	2017-07-7	Show	GitHub Exploit DB Packet Storm

191216	9.8	緊急 Network	GLPI-PROJECT.ORG	-	GLPI の Conditon ルールフィールドにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2017-11475	2017-08-8 19:06	2017-07-18	Show	GitHub Exploit DB Packet Storm

191217	9.8	緊急 Network	GLPI-PROJECT.ORG	-	GLPI の inc/computer_softwareversion.class.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2017-11474	2017-08-8 19:05	2017-07-18	Show	GitHub Exploit DB Packet Storm

191218	8.1	重要 Network	マイクロソフト	-	Microsoft Edge におけるリモートでコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2017-0152	2017-08-8 18:10	2017-03-9	Show	GitHub Exploit DB Packet Storm

191219	6.5	警告 Network	SAP	-	SAP NetWeaver の disp+work におけるサービス運用妨害 (DoS) の脆弱性	CWE-400 リソースの枯渇	CVE-2017-9845	2017-08-8 17:07	2017-03-14	Show	GitHub Exploit DB Packet Storm

191220	9.8	緊急 Network	SAP	-	SAP NetWeaver におけるサービス運用妨害 (DoS) の脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2017-9844	2017-08-8 17:07	2017-03-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
721	6.5	MEDIUM Network	-	-	kafka-sink-azure-kusto Kafka Connect plugin is the official Microsoft sink for Azure Data Explorer (Kusto). Prior to 5.2.3, kafka-sink-azure-kusto did not sanitize user-controlled values inside the k… Update	CWE-943 Improper Neutralization of Special Elements in Data Query Logic	CVE-2026-42316	2026-05-14 01:53	2026-05-12	Show	GitHub Exploit DB Packet Storm

722	6.1	MEDIUM Network	-	-	fast-xml-builder builds XML from JSON. Prior to 1.1.7, when an input data has quotes in attribute values but process entities is not enabled, it breaks the attribute value into multiple attributes. T… New	CWE-91 Blind XPath Injection	CVE-2026-44665	2026-05-14 01:53	2026-05-14	Show	GitHub Exploit DB Packet Storm

723	6.2	MEDIUM Local	-	-	Grid is a data structure grid for rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expand_rows() can corrupt the relationship between the grid’s logical dimensions and … Update	CWE-190 Integer Overflow or Wraparound	CVE-2026-42199	2026-05-14 01:52	2026-05-9	Show	GitHub Exploit DB Packet Storm

724	6.5	MEDIUM Network	-	-	FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both set_retained_mes… Update	CWE-369 Divide By Zero	CVE-2026-42209	2026-05-14 01:52	2026-05-9	Show	GitHub Exploit DB Packet Storm

725	-		-	-	Quarkus OpenAPI Generator is Quarkus' extensions for generation of Rest Clients and server stubs generation. Prior to versions 2.11.1-lts, 2.16.0-lts, and 2.17.0, the generated authentication filter … Update	CWE-200 Information Exposure	CVE-2026-42333	2026-05-14 01:52	2026-05-10	Show	GitHub Exploit DB Packet Storm

726	7.9	HIGH Local	-	-	Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when … Update	CWE-200 CWE-312 Information Exposure Cleartext Storage of Sensitive Information	CVE-2026-41520	2026-05-14 01:49	2026-05-9	Show	GitHub Exploit DB Packet Storm

727	-		-	-	Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code e… Update	CWE-190 CWE-787 Integer Overflow or Wraparound Out-of-bounds Write	CVE-2026-42311	2026-05-14 01:49	2026-05-9	Show	GitHub Exploit DB Packet Storm

728	-		-	-	Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.18.0, four GET endpoints under /api/templates* in Arcane's Huma backend are registered without… Update	CWE-862 Missing Authorization	CVE-2026-42461	2026-05-14 01:49	2026-05-9	Show	GitHub Exploit DB Packet Storm

729	-		-	-	Roadiz is a polymorphic content management system based on a node system. Prior to versions 2.3.43, 2.5.45, 2.6.31, and 2.7.18, the roadiz/openid package generates an OIDC nonce in OAuth2LinkGenerato… Update	CWE-345 Insufficient Verification of Data Authenticity	CVE-2026-42206	2026-05-14 01:49	2026-05-9	Show	GitHub Exploit DB Packet Storm

730	7.6	HIGH Network	-	-	ipl/web is a set of common web components for php projects. Prior to version 0.13.1, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the conte… Update	CWE-79 Cross-site Scripting	CVE-2026-42224	2026-05-14 01:49	2026-05-9	Show	GitHub Exploit DB Packet Storm