Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
192441 5.7 警告
Network 		Horde - Horde_Image におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2017-9773 2017-07-20 16:54 2017-06-21 Show GitHub Exploit DB Packet Storm
192442 7.5 重要
Network 		VIVOTEK Inc. - 複数の VIVOTEK Network Camera 製品の Web サービスの /cgi-bin/admin/downloadMedias.cgi における任意のファイルを読まれる脆弱性 CWE-22
パス・トラバーサル 		CVE-2017-9829 2017-07-20 16:50 2017-06-22 Show GitHub Exploit DB Packet Storm
192443 9.8 緊急
Network 		VIVOTEK Inc. - 複数の VIVOTEK Network Camera 製品の Web サービスの /cgi-bin/admin/testserver.cgi におけるシェルコマンドを挿入される脆弱性 CWE-77
コマンドインジェクション 		CVE-2017-9828 2017-07-20 16:50 2017-06-22 Show GitHub Exploit DB Packet Storm
192444 7.8 重要
Local 		radare - radare2 の shlr/grub/kern/misc.c の grub_memmove 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2017-9949 2017-07-20 16:47 2017-06-5 Show GitHub Exploit DB Packet Storm
192445 9.8 緊急
Network 		Foscam - Foscam C1 Indoor HD カメラの Web 管理インターフェースにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2017-2805 2017-07-20 16:47 2017-06-19 Show GitHub Exploit DB Packet Storm
192446 8.1 重要
Network 		マイクロソフト - Azure AD Connect におけるパスワードをリセットされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8613 2017-07-20 16:41 2017-06-28 Show GitHub Exploit DB Packet Storm
192447 8.8 重要
Network 		Foscam - Foscam C1 Indoor HD カメラの Web 管理インターフェースにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2017-2841 2017-07-20 16:38 2017-06-19 Show GitHub Exploit DB Packet Storm
192448 7.5 重要
Network 		tpm2-tools project - tpm2-tools におけるパスワードの漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2017-7524 2017-07-20 16:38 2017-06-22 Show GitHub Exploit DB Packet Storm
192449 5.9 警告
Network 		OpenVPN Technologies - OpenVPN における二重解放に関する脆弱性 CWE-415
二重解放 		CVE-2017-7521 2017-07-20 16:36 2017-06-22 Show GitHub Exploit DB Packet Storm
192450 7.4 重要
Network 		OpenVPN Technologies - OpenVPN における証明書検証に関する脆弱性 CWE-295
不正な証明書検証 		CVE-2017-7520 2017-07-20 16:36 2017-06-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2011 4.7 MEDIUM
Network 		- - A security vulnerability has been detected in jishenghua jshERP up to 3.6. This affects the function getUserByWeixinCode of the file jshERP-boot/src/main/java/com/jsh/erp/service/UserService.java of … CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-8320 2026-05-13 01:38 2026-05-12 Show GitHub Exploit DB Packet Storm
2012 7.3 HIGH
Network 		- - A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware. P… CWE-287
CWE-288
Improper Authentication
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-8321 2026-05-13 01:38 2026-05-12 Show GitHub Exploit DB Packet Storm
2013 - - - CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in ra… CWE-1188
 Insecure Default Initialization of Resource 		CVE-2026-6866 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
2014 4.4 MEDIUM
Local 		- - An incorrect permission assignment for critical resource of Ivanti Secure Access Client   before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a sh… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-7431 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
2015 7.8 HIGH
Local 		- - A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM CWE-362
Race Condition 		CVE-2026-7432 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
2016 6.5 MEDIUM
Network 		- - An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials. CWE-749
 Exposed Dangerous Method or Function 		CVE-2026-8109 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
2017 7.8 HIGH
Local 		- - Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-8110 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
2018 8.8 HIGH
Network 		- - SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution. CWE-89
SQL Injection 		CVE-2026-8111 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
2019 8.8 HIGH
Network 		pi-hole ftldns Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the `dns.interface` configuration field in Pi-hole FTL accepted newline charac… CWE-93
CRLF Injection 		CVE-2026-39849 2026-05-13 01:27 2026-05-6 Show GitHub Exploit DB Packet Storm
2020 8.8 HIGH
Network 		anthropic claude_code In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious reposi… CWE-20
CWE-77
NVD-CWE-noinfo
 Improper Input Validation 
Command Injection 		CVE-2026-40068 2026-05-13 01:21 2026-05-6 Show GitHub Exploit DB Packet Storm