Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
192051	7.5	重要 Network	オラクル	-	Oracle Fusion Middleware の Oracle Social Network における Android Client に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3499	2017-05-31 12:03	2017-04-18	Show	GitHub Exploit DB Packet Storm

192052	8.6	重要 Network	オラクル	-	Oracle Fusion Middleware の Oracle Fusion Middleware MapViewer における Map Builder に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3230	2017-05-31 12:03	2017-04-18	Show	GitHub Exploit DB Packet Storm

192053	3.1	低 Network	オラクル	-	Oracle Fusion Middleware の Oracle GlassFish Server における Java Server Faces に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3626	2017-05-31 10:36	2017-04-18	Show	GitHub Exploit DB Packet Storm

192054	8.2	重要 Network	オラクル	-	Oracle Fusion Middleware の Oracle WebCenter Content における Content Server に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3625	2017-05-31 10:36	2017-04-18	Show	GitHub Exploit DB Packet Storm

192055	3.1	低 Network	オラクル	-	Oracle Fusion Middleware の Oracle WebCenter Sites における Advanced UI に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3603	2017-05-31 10:36	2017-04-18	Show	GitHub Exploit DB Packet Storm

192056	8.1	重要 Network	オラクル	-	Oracle Fusion Middleware の Oracle WebCenter Sites における Advanced UI に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3602	2017-05-31 10:36	2017-04-18	Show	GitHub Exploit DB Packet Storm

192057	8.1	重要 Network	オラクル	-	Oracle Fusion Middleware の Oracle API Gateway における脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3601	2017-05-31 10:36	2017-04-18	Show	GitHub Exploit DB Packet Storm

192058	3.1	低 Network	オラクル	-	Oracle Fusion Middleware の Oracle WebCenter Sites における Advanced UI に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3598	2017-05-31 10:36	2017-04-18	Show	GitHub Exploit DB Packet Storm

192059	5.7	警告 Network	オラクル	-	Oracle Fusion Middleware の Oracle WebCenter Sites における Advanced UI に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3597	2017-05-31 10:36	2017-04-18	Show	GitHub Exploit DB Packet Storm

192060	7.6	重要 Network	オラクル	-	Oracle Fusion Middleware の Oracle WebCenter Sites における Advanced UI に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3596	2017-05-31 10:36	2017-04-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
91	7.5	HIGH Network	xwiki	cryptpad	CryptPad 2025.3.1 allows unbounded WebSocket frame flood. A remote, unauthenticated attacker can significantly degrade or deny service for all users of a CryptPad instance. Fixed in 2026.2.2. Update	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2025-51846	2026-05-5 01:52	2026-05-1	Show	GitHub Exploit DB Packet Storm

92	8.8	HIGH Network	progress	moveit_automation	Improper input validation vulnerability in Progress Software MOVEit Automation allows Privilege Escalation. This issue affects MOVEit Automation: from 2025.1.0 before 2025.1.5, from 2025.0.0 before … Update	CWE-20 Improper Input Validation	CVE-2026-5174	2026-05-5 01:47	2026-05-1	Show	GitHub Exploit DB Packet Storm

93	5.5	MEDIUM Local	-	-	IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 New	CWE-476 NULL Pointer Dereference	CVE-2026-6525	2026-05-5 01:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

94	-		-	-	Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE … New	-	CVE-2026-37458	2026-05-5 01:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

95	-		-	-	An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6 allows a local attacker to execute arbitrary code via the shutdownMachine and putMachineToSleep function… New	-	CVE-2026-36365	2026-05-5 01:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

96	6.5	MEDIUM Network	-	-	An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial() components New	CWE-125 Out-of-bounds Read	CVE-2025-70072	2026-05-5 01:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

97	6.5	MEDIUM Network	-	-	An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry() New	CWE-476 NULL Pointer Dereference	CVE-2025-70070	2026-05-5 01:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

98	6.5	MEDIUM Network	-	-	During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference (IDOR) attack. This vulnerability ex… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-5337	2026-05-5 00:23	2026-05-3	Show	GitHub Exploit DB Packet Storm

99	5.3	MEDIUM Network	-	-	The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information. New	CWE-552 Files or Directories Accessible to External Parties	CVE-2026-5335	2026-05-5 00:23	2026-05-4	Show	GitHub Exploit DB Packet Storm

100	3.3	LOW Local	-	-	An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab() Update	CWE-369 Divide By Zero	CVE-2026-21996	2026-05-5 00:22	2026-05-2	Show	GitHub Exploit DB Packet Storm