Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
192011	6.1	警告 Network	アドビシステムズ日立	-	Adobe RoboHelp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-7891	2017-05-31 19:46	2016-12-13	Show	GitHub Exploit DB Packet Storm

192012	7.2	重要 Network	ブルーコートシステムズ	-	SSL Visibility Appliance における RST パケットの生成に関する問題	CWE-Other その他	CVE-2016-10259	2017-05-31 19:15	2017-05-24	Show	GitHub Exploit DB Packet Storm

192013	5.4	警告 Network	Todd Austin	-	Canvas におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-8298	2017-05-31 18:41	2017-04-23	Show	GitHub Exploit DB Packet Storm

192014	7.5	重要 Network	VirusTotal	-	YARA の regex コンポーネントの libyara/re.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-125 境界外読み取り	CVE-2017-8294	2017-05-31 18:35	2017-04-27	Show	GitHub Exploit DB Packet Storm

192015	4.8	警告 Network	アップル	-	Apple iOS の Find My iPhone におけるデバイスをワイプされる脆弱性	CWE-254 セキュリティ機能	CVE-2010-1776	2017-05-31 18:17	2010-06-21	Show	GitHub Exploit DB Packet Storm

192016	8.8	重要 Network	OpenText	-	OpenText Documentum Content Server におけるスーパーユーザ権限で任意のコードを実行される脆弱性	CWE-89 SQLインジェクション	CVE-2017-7221	2017-05-31 17:57	2017-04-25	Show	GitHub Exploit DB Packet Storm

192017	8.8	重要 Network	WECON Technology Co., Ltd.	-	LEVI Studio HMI Editor におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2017-6037	2017-05-31 17:51	2017-04-13	Show	GitHub Exploit DB Packet Storm

192018	8.8	重要 Network	WECON Technology Co., Ltd.	-	LEVI Studio HMI Editor におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2017-6035	2017-05-31 17:50	2017-04-13	Show	GitHub Exploit DB Packet Storm

192019	5.5	警告 Local	Linux	-	Linux Kernel の arch/x86/kvm/vmx.c の handle_invept 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2017-8106	2017-05-31 17:45	2017-03-31	Show	GitHub Exploit DB Packet Storm

192020	7	重要 Local	Linux	-	Linux Kernel の MACsec モジュールの drivers/net/macsec.c におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2017-7477	2017-05-31 17:45	2017-04-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
31	-		-	-	Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The ExtensionLoader.instantiateExtension(C… New	CWE-470 Unsafe Reflection	CVE-2026-42027	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

32	5.3	MEDIUM Network	-	-	Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/{id}, /api/… New	CWE-285 Improper Authorization	CVE-2026-41572	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

33	9.4	CRITICAL Network	-	-	Note Mark is an open-source note-taking application. In version 0.19.2, IsPasswordMatch in backend/db/models.go falls back to a hard-coded bcrypt("null") placeholder whenever a user has no stored pas… New	CWE-287 Improper Authentication	CVE-2026-41571	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

34	7.5	HIGH Network	-	-	Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier contain an information disclosure vulnerability in the QR code scanning endpoint that allows unauthenticated attackers to en… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-41471	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

35	-		-	-	XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor … New	CWE-611 XXE	CVE-2026-40682	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

36	-		-	-	An integer underflow in FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message. New	-	CVE-2026-37459	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

37	8.8	HIGH Network	-	-	An XML external entity (XXE) vulnerability in the /designer/loadReport endpoint of SpringBlade v4.8.0 allows authenticated attackers to execute arbitrary code via injecting a crafted payload. Update	CWE-611 XXE	CVE-2026-36765	2026-05-5 03:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

38	8.8	HIGH Network	-	-	An issue in the fileEntityId parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary fi… Update	CWE-22 Path Traversal	CVE-2026-36762	2026-05-5 03:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

39	7.5	HIGH Network	-	-	Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue. New	CWE-126 Buffer Over-read	CVE-2026-34059	2026-05-5 03:16	2026-05-4	Show	GitHub Exploit DB Packet Storm

40	5.3	MEDIUM Network	-	-	Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which f… New	CWE-125 CWE-170 Out-of-bounds Read Improper Null Termination	CVE-2026-34032	2026-05-5 03:16	2026-05-4	Show	GitHub Exploit DB Packet Storm