Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
192631	8.8	重要 Network	Unitrends	-	Unitrends Enterprise Backup における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2017-7283	2017-05-18 16:23	2017-04-14	Show	GitHub Exploit DB Packet Storm

192632	9.8	緊急 Network	Google	-	Android One デバイス上で稼動する Android の Qualcomm GPS サブシステムにおける任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-6727	2017-05-18 16:23	2016-11-7	Show	GitHub Exploit DB Packet Storm

192633	7.8	重要 Local	Phusion B.V.	-	Phusion Passenger における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-10345	2017-05-18 16:23	2016-11-9	Show	GitHub Exploit DB Packet Storm

192634	7.5	重要 Network	flatCore	-	flatCore における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2017-7879	2017-05-18 16:19	2017-04-11	Show	GitHub Exploit DB Packet Storm

192635	9.8	緊急 Network	flatCore	-	flatCore における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2017-7878	2017-05-18 16:19	2017-04-12	Show	GitHub Exploit DB Packet Storm

192636	8.8	重要 Network	flatCore	-	flatCore におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2017-7877	2017-05-18 16:19	2017-04-12	Show	GitHub Exploit DB Packet Storm

192637	8.8	重要 Network	BigTree CMS	-	BigTree CMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2017-7881	2017-05-18 16:00	2017-04-14	Show	GitHub Exploit DB Packet Storm

192638	8.8	重要 Network	MantisBT Group	-	MantisBT における任意のパスワードにリセットされる脆弱性	CWE-640 パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み	CVE-2017-7615	2017-05-18 15:55	2017-04-8	Show	GitHub Exploit DB Packet Storm

192639	9.8	緊急 Network	サムスン	-	Samsung SM-G920F デバイス上で稼動する SecEmailSync における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2016-2566	2017-05-18 15:05	2016-02-2	Show	GitHub Exploit DB Packet Storm

192640	3.3	低 Local	サムスン	-	Samsung SM-G920F デバイス上で稼動する SecEmailSync における送信済み電子メールメッセージを読まれる脆弱性	CWE-200 情報漏えい	CVE-2016-2565	2017-05-18 15:05	2016-02-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
281	8.8	HIGH Adjacent	-	-	miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a (2016-10-05) contains a stack buffer overflow in send_diagnostic_request. A 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) receives … New	-	CVE-2026-37536	2026-05-2 02:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

282	7.1	HIGH Adjacent	-	-	openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac (2021-08-09) contains an out-of-bounds read in the ISO-TP Single Frame receive handler, where the 4-bit payload length nibble is us… New	-	CVE-2026-37535	2026-05-2 02:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

283	-		-	-	Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Transport_Protocol_Data_Transfer,allows attackers to write to arb… New	-	CVE-2026-37534	2026-05-2 02:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

284	7.1	HIGH Adjacent	-	-	AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotp_continue_receive (receive.c:87-89), the payload_length for a Single Frame is extracted fro… New	-	CVE-2026-37532	2026-05-2 02:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

285	9.8	CRITICAL Network	-	-	AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation flow. The is_valid_filename fu… New	-	CVE-2026-37531	2026-05-2 02:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

286	-		-	-	AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The send_diagnostic_request function in uds.c allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD… New	-	CVE-2026-37530	2026-05-2 02:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

287	7.8	HIGH Local	-	-	AGL app-framework-binder (afb-daemon) through v19.90.0 allows any local process to execute privileged supervision commands (Exit, Do, Sclose, Config, Trace, Debug, Token, slist) without authenticatio… New	-	CVE-2026-37526	2026-05-2 02:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

288	7.8	HIGH Local	-	-	AGL app-framework-binder (afb-daemon) through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The on_supervision_call function in src/afb-supervision.c explicitl… New	-	CVE-2026-37525	2026-05-2 02:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

289	6.5	MEDIUM Network	prosody	prosody	An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 mishandles access control in the activation scenario, relayin… New	CWE-420 Unprotected Alternate Channel	CVE-2026-43505	2026-05-2 02:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

290	6.5	MEDIUM Network	prosody	prosody	An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 mishandles access control in a paused scenario, relaying of u… New	CWE-863 Incorrect Authorization	CVE-2026-43504	2026-05-2 02:15	2026-05-2	Show	GitHub Exploit DB Packet Storm