Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191731 5.5 警告
Local 		Conexant Systems, LLC - 複数の HP 製品上で稼動する Conexant Systems MicTray64 における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2017-8360 2017-06-13 17:41 2017-05-11 Show GitHub Exploit DB Packet Storm
191732 7.8 重要
Local 		Gemalto N.V. - Gemalto SmartDiag Diagnosis Tool におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-6953 2017-06-13 17:37 2017-05-8 Show GitHub Exploit DB Packet Storm
191733 7 重要
Local 		Google - MediaTek ビデオドライバにおける権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-0617 2017-06-13 17:37 2017-05-1 Show GitHub Exploit DB Packet Storm
191734 3.8
Local 		VMware - Android 用 Airwatch Inbox における暗号に関する脆弱性 CWE-310
暗号の問題 		CVE-2017-4896 2017-06-13 17:32 2017-01-30 Show GitHub Exploit DB Packet Storm
191735 8.8 重要
Local 		VMware - Android 用 Airwatch Agent における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-4895 2017-06-13 17:32 2017-01-30 Show GitHub Exploit DB Packet Storm
191736 7 重要
Local 		Google - MediaTek コマンドキュードライバにおける権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-0618 2017-06-13 17:31 2017-05-1 Show GitHub Exploit DB Packet Storm
191737 5.5 警告
Local 		CA Technologies - CA Client Automation の OS Installation Management コンポーネントにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2017-8391 2017-06-13 17:28 2017-05-4 Show GitHub Exploit DB Packet Storm
191738 6.5 警告
Network 		Google - Google Chrome の FFMPEG の libavformat/mov.c におけるメモリ二重解放の脆弱性 CWE-415
二重解放 		CVE-2015-1207 2017-06-13 17:02 2015-01-6 Show GitHub Exploit DB Packet Storm
191739 5.5 警告
Local 		lrzip project - lrzip で使用される LZO の lzo1x_d.ch の lzo1x_decompress 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2017-8845 2017-06-13 16:55 2017-03-25 Show GitHub Exploit DB Packet Storm
191740 5.5 警告
Local 		Linux - Linux Kernel の drivers/usb/serial/omninet.c の omninet_open 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2017-8925 2017-06-13 16:34 2017-03-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
121 3.5 LOW
Network 		- - HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentio… New CWE-1230
 Exposure of Sensitive Information Through Metadata 		CVE-2025-31959 2026-05-7 00:16 2026-05-7 Show GitHub Exploit DB Packet Storm
122 2.6 LOW
Network 		- - HHCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability. This could lead to unauthorized changes or exposure of sensitive data. New CWE-352
 Origin Validation Error 		CVE-2025-31957 2026-05-7 00:16 2026-05-7 Show GitHub Exploit DB Packet Storm
123 6.1 MEDIUM
Network 		n8n n8n n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /mcp-oauth/register endpoint accepted OAuth client registrations without authentication, allowi… New CWE-601
Open Redirect 		CVE-2026-42230 2026-05-6 23:57 2026-05-5 Show GitHub Exploit DB Packet Storm
124 8.8 HIGH
Network 		n8n n8n n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the SeaTable node's row:search and row:get operations allowed user-controlled input to be… New CWE-89
SQL Injection 		CVE-2026-42229 2026-05-6 23:56 2026-05-5 Show GitHub Exploit DB Packet Storm
125 6.5 MEDIUM
Network 		nginxui nginx_ui Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, the GetSettings API handler (api/settings/settings.go:24-65) serializes all settings structs to JSON and returns the… New CWE-200
Information Exposure 		CVE-2026-42223 2026-05-6 23:46 2026-05-5 Show GitHub Exploit DB Packet Storm
126 9.8 CRITICAL
Network 		nginxui nginx_ui Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, nginx-ui exposes a backup restore endpoint (POST /api/restore) that is completely unauthenticated during the first 1… New CWE-94
Code Injection 		CVE-2026-42238 2026-05-6 23:45 2026-05-5 Show GitHub Exploit DB Packet Storm
127 6.5 MEDIUM
Network 		- - FolderUploadsFileManager in Apache Wicket does not validate or sanitize the uploadFieldId parameter or the clientFileName before constructing file paths, allowing an unauthenticated attacker to wri… New CWE-22
Path Traversal 		CVE-2026-43975 2026-05-6 23:16 2026-05-6 Show GitHub Exploit DB Packet Storm
128 8.1 HIGH
Network 		apache atlas Description: Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Atlas Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can … New CWE-94
Code Injection 		CVE-2026-40563 2026-05-6 23:16 2026-05-5 Show GitHub Exploit DB Packet Storm
129 6.6 MEDIUM
Local 		- - Vulnerability in the Oracle Cloud Native Environment Command Line Interface product of Oracle Open Source Projects. The supported versions that is affected is v2.3.2. Easily exploitable vulnerability… New CWE-94
Code Injection 		CVE-2026-35255 2026-05-6 23:16 2026-05-6 Show GitHub Exploit DB Packet Storm
130 6.1 MEDIUM
Local 		- - Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with netw… New CWE-22
Path Traversal 		CVE-2026-35254 2026-05-6 23:16 2026-05-6 Show GitHub Exploit DB Packet Storm