Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191801	7.5	重要 Network	F5 Networks	-	複数の F5 BIG-IP 製品における競合状態に関する脆弱性	CWE-362 競合状態	CVE-2016-9256	2017-06-6 18:00	2016-11-9	Show	GitHub Exploit DB Packet Storm

191802	7.5	重要 Network	F5 Networks	-	複数の F5 BIG-IP 製品における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2016-9253	2017-06-6 18:00	2016-11-9	Show	GitHub Exploit DB Packet Storm

191803	8.8	重要 Network	F5 Networks	-	複数の F5 BIG-IP 製品における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-9251	2017-06-6 18:00	2016-11-9	Show	GitHub Exploit DB Packet Storm

191804	6.5	警告 Network	Kerio Technologies	-	Kerio Connect および Kerio Connect Client desktop application for Windows and Mac におけるクリックジャッキング攻撃を実行される脆弱性	CWE-20 不適切な入力確認	CVE-2017-7440	2017-06-6 17:41	2017-05-2	Show	GitHub Exploit DB Packet Storm

191805	3.8	低 Local	Xen プロジェクト SUSE	-	Xen の PV ゲストにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2017-7995	2017-06-6 17:23	2017-05-2	Show	GitHub Exploit DB Packet Storm

191806	6.1	警告 Network	KMC Information Systems, L.C.	-	KMCIS CaseAware におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-5631	2017-06-6 17:22	2017-04-28	Show	GitHub Exploit DB Packet Storm

191807	6.1	警告 Network	Symphony CMS	-	Symphony 2 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-8876	2017-06-6 17:04	2017-05-10	Show	GitHub Exploit DB Packet Storm

191808	7.8	重要 Local	Rapid7	-	Rapid7 AppSpider Pro インストーラにおける DLL をプリロードされる脆弱性	CWE-426 信頼性のない検索パス	CVE-2017-5236	2017-06-6 17:01	2017-04-26	Show	GitHub Exploit DB Packet Storm

191809	5.5	警告 Local	lrzip project	-	lrzip の liblrzip.so の libzpaq/libzpaq.h の bufRead::get() 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-416 解放済みメモリの使用	CVE-2017-8847	2017-06-6 16:54	2017-03-25	Show	GitHub Exploit DB Packet Storm

191810	5.5	警告 Local	lrzip project	-	lrzip の liblrzip.so の stream.c の read_stream 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-416 解放済みメモリの使用	CVE-2017-8846	2017-06-6 16:54	2017-03-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1	9.8	CRITICAL Network	-	-	A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /auto_reboot.asp of the component HTTP Handler. This manipulation of the argument enable/time… New	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7853	2026-05-6 03:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

2	7.2	HIGH Network	-	-	A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The atta… New	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-7851	2026-05-6 03:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

3	-		-	-	An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controlled composite index metadata and trigger unintended SQL execution in the backend. … Update	CWE-89 SQL Injection	CVE-2026-5394	2026-05-6 03:16	2026-04-28	Show	GitHub Exploit DB Packet Storm

4	5.3	MEDIUM Network	-	-	An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthen… New	CWE-696 Incorrect Behavior Order	CVE-2026-43002	2026-05-6 03:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

5	9.1	CRITICAL Network	-	-	The GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1) allows unauthenticated OS command injection via the /action/SetRemoteAccessCfg endpoint. New	CWE-78 CWE-306 OS Command Missing Authentication for Critical Function	CVE-2026-36356	2026-05-6 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

6	7.7	HIGH Local	-	-	The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK (all known versions through v3.4.14B) does not perform any access control checks on the write_mem (ioctl 0x89F5) and read_mem (ioct… New	CWE-200 CWE-782 CWE-787 Information Exposure Exposed IOCTL with Insufficient Access Control Out-of-bounds Write	CVE-2026-36355	2026-05-6 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

7	9.8	CRITICAL Network	synway	smg_gateway_management_software	Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radius_address POST parameter is split and in… Update	CWE-78 OS Command	CVE-2025-71284	2026-05-6 03:09	2026-05-1	Show	GitHub Exploit DB Packet Storm

8	8.0	HIGH Network	jenkins	html_publisher	Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with… Update	CWE-79 Cross-site Scripting	CVE-2026-42524	2026-05-6 03:06	2026-04-29	Show	GitHub Exploit DB Packet Storm

9	9.0	CRITICAL Network	jenkins	github	Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature "GitHub hook trigger for GITScm polling", resulting in a… Update	CWE-79 Cross-site Scripting	CVE-2026-42523	2026-05-6 03:06	2026-04-29	Show	GitHub Exploit DB Packet Storm

10	5.9	MEDIUM Network	elastic	elastic_package_registry	Improper Verification of Cryptographic Signature (CWE-347) in Elastic Package Registry could allow an attacker positioned to intercept network traffic, or to otherwise influence the contents served t… Update	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-33467	2026-05-6 02:55	2026-04-29	Show	GitHub Exploit DB Packet Storm