Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191861 5.5 警告
Local 		Underbit Technologies, Inc. - Underbit MAD libmad の bit.c の mad_bit_skip 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2017-8374 2017-06-5 17:34 2017-04-30 Show GitHub Exploit DB Packet Storm
191862 7.8 重要
Local 		Underbit Technologies, Inc. - Underbit MAD libmad の layer3.c の mad_layer_III 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2017-8373 2017-06-5 17:34 2017-04-30 Show GitHub Exploit DB Packet Storm
191863 6.1 警告
Network 		Proxmox Server Solutions - Proxmox Mail Gateway におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-9057 2017-06-5 17:33 2015-12-30 Show GitHub Exploit DB Packet Storm
191864 7.8 重要
Local 		Linux - Linux Kernel の kernel/events/core.c における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-9004 2017-06-5 17:23 2015-01-23 Show GitHub Exploit DB Packet Storm
191865 6.5 警告
Network 		Brave Software Inc. - Brave におけるセキュリティ機能に関する脆弱性 CWE-254
セキュリティ機能 		CVE-2017-8458 2017-06-5 17:22 2017-05-3 Show GitHub Exploit DB Packet Storm
191866 9.1 緊急
Network 		Avahi - Avahi の avahi-daemon におけるサービス運用妨害 (DoS) の脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-6519 2017-06-5 17:17 2017-02-24 Show GitHub Exploit DB Packet Storm
191867 7.8 重要
Local 		Google
Linux		 - NVIDIA ビデオドライバにおける権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-0331 2017-06-5 17:08 2017-05-1 Show GitHub Exploit DB Packet Storm
191868 4.7 警告
Local 		Irfan Skiljan - IrfanView における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-7721 2017-06-5 16:54 2017-04-30 Show GitHub Exploit DB Packet Storm
191869 8.1 重要
Network 		Kozea Project - Radicale における競合状態に関する脆弱性 CWE-362
競合状態 		CVE-2017-8342 2017-06-5 16:54 2017-04-19 Show GitHub Exploit DB Packet Storm
191870 5.4 警告
Network 		MetalGenix - GeniXCMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-8762 2017-06-5 16:52 2017-05-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
81 8.1 HIGH
Network 		agilonhealth minerva An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authentic… Update CWE-284
Improper Access Control 		CVE-2026-5780 2026-05-5 23:22 2026-04-28 Show GitHub Exploit DB Packet Storm
82 5.5 MEDIUM
Local 		canonical pdfunite PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmen… Update CWE-120
Classic Buffer Overflow 		CVE-2018-25306 2026-05-5 23:22 2026-04-30 Show GitHub Exploit DB Packet Storm
83 8.8 HIGH
Network 		agilonhealth minerva An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the inf… Update CWE-284
Improper Access Control 		CVE-2026-5779 2026-05-5 23:20 2026-04-28 Show GitHub Exploit DB Packet Storm
84 9.8 CRITICAL
Network 		- - A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi. Such manipulation leads to stack-bas… New CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-7834 2026-05-5 23:16 2026-05-5 Show GitHub Exploit DB Packet Storm
85 5.0 MEDIUM
Network 		- - An issue that could allow a dashboard configuration to be viewed from outside of the authorized organization scope has been resolved. This is an instance of CWE-269: Improper Privilege Management, an… New CWE-269
 Improper Privilege Management 		CVE-2026-7778 2026-05-5 23:16 2026-05-5 Show GitHub Exploit DB Packet Storm
86 - - - In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message. New CWE-125
Out-of-bounds Read 		CVE-2026-6918 2026-05-5 23:16 2026-05-5 Show GitHub Exploit DB Packet Storm
87 7.5 HIGH
Network 		- - The WeePie Cookie Allow plugin for WordPress is vulnerable to SQL Injection via the 'consent' parameter in all versions up to, and including, 3.4.11 due to insufficient escaping on the user supplied … New CWE-89
SQL Injection 		CVE-2026-4304 2026-05-5 23:16 2026-05-5 Show GitHub Exploit DB Packet Storm
88 7.2 HIGH
Network 		- - OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality (modules/aggiornamenti/upload_modules.php) New CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-38751 2026-05-5 23:16 2026-05-5 Show GitHub Exploit DB Packet Storm
89 - - - An issue was discovered in Gambio 4.9.2.0 (patched in 2024-02 v1.0.0 for GX4 v4.0.0.0 to v4.9.2.0). The password reset function can be bypassed to set arbitrary passwords for arbitrary accounts if th… New - CVE-2026-34408 2026-05-5 23:16 2026-05-5 Show GitHub Exploit DB Packet Storm
90 6.5 MEDIUM
Network 		- - Traccar is an open source GPS tracking system. In versions between 6.11.1 and 6.13.0, the CSV export functionality writes position data, including user-controlled device and computed attributes, to C… New CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2026-27644 2026-05-5 23:16 2026-05-5 Show GitHub Exploit DB Packet Storm