Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
192701	7.5	重要 Network	シスコシステムズ	-	Cisco FirePOWER System のソフトウェアにおけるリソース管理に関する脆弱性	CWE-399 リソース管理の問題	CVE-2017-6632	2017-06-19 16:25	2017-05-17	Show	GitHub Exploit DB Packet Storm

192702	9.8	緊急 Network	Keycloak	-	Keycloak Node.js アダプタにおけるデータ処理に関する脆弱性	CWE-19 データ処理	CVE-2017-7474	2017-06-19 16:12	2017-04-25	Show	GitHub Exploit DB Packet Storm

192703	7.5	重要 Network	Synology Inc.	-	Synology Photo Station の download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-10331	2017-06-19 12:31	2016-08-3	Show	GitHub Exploit DB Packet Storm

192704	7.1	重要 Local	Synology Inc.	-	Synology Photo Station で使用される SUID プログラムの synophoto_dsm_user におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-10330	2017-06-19 12:31	2016-08-3	Show	GitHub Exploit DB Packet Storm

192705	9.8	緊急 Network	Synology Inc.	-	Synology Photo Station の login.php におけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2016-10329	2017-06-19 12:31	2016-08-3	Show	GitHub Exploit DB Packet Storm

192706	4.3	警告 Network	Authconfig project	-	Authconfig おける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2017-7488	2017-06-19 12:24	2017-05-9	Show	GitHub Exploit DB Packet Storm

192707	9.8	緊急 Network	Edgewater Networks	-	Edgewater Networks Edgemarc アプライアンスにおけるコマンドインジェクションの脆弱性	CWE-77 コマンドインジェクション	CVE-2017-6079	2017-06-19 12:18	2017-05-16	Show	GitHub Exploit DB Packet Storm

192708	7.8	重要 Local	Fabrice Bellard	-	QEMU おけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-7493	2017-06-19 12:16	2017-05-16	Show	GitHub Exploit DB Packet Storm

192709	9.8	緊急 Network	The PHP Group	-	PHP の Zend/zend_string.h の zend_string_extend 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2017-8923	2017-06-19 12:14	2017-05-12	Show	GitHub Exploit DB Packet Storm

192710	7.5	重要 Network	VirusTotal	-	YARA の libyara/sizedstr.c の sized_string_cmp 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-416 解放済みメモリの使用	CVE-2017-8929	2017-06-19 11:56	2017-05-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1581	5.3	MEDIUM Local	-	-	The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service…	CWE-400 Uncontrolled Resource Consumption	CVE-2022-26523	2026-05-9 01:02	2026-05-8	Show	GitHub Exploit DB Packet Storm

1582	6.5	MEDIUM Network	-	-	Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field.	CWE-78 OS Command	CVE-2022-45899	2026-05-9 01:02	2026-05-8	Show	GitHub Exploit DB Packet Storm

1583	5.8	MEDIUM Network	-	-	solidtime is an open-source time-tracking app. In version 0.12.0, the PUT /api/v1/organizations/{organization}/time-entries/{timeEntry} API accepts a route-bound timeEntry from another organization w…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-42279	2026-05-9 01:02	2026-05-8	Show	GitHub Exploit DB Packet Storm

1584	7.5	HIGH Network	-	-	Mikrotik RouterOS (x86) 6.40.5 through 6.49.10 (fixed in 7) allows a remote attacker to cause a denial of service (device crash) via crafted packet data to the SMB service on TCP port 445.	CWE-400 Uncontrolled Resource Consumption	CVE-2024-27686	2026-05-9 01:02	2026-05-8	Show	GitHub Exploit DB Packet Storm

1585	6.3	MEDIUM Network	-	-	/cgi-bin/time.cgi in Atlona AT-OME-MS42 Matrix Switcher 1.1.2 allow remote authenticated users to execute arbitrary commands as root via a POST request that carries a serverName parameter.	CWE-77 Command Injection	CVE-2024-30167	2026-05-9 01:02	2026-05-8	Show	GitHub Exploit DB Packet Storm

1586	7.3	HIGH Network	-	-	An issue was discovered in Control Web Panel (CWP) before 0.9.8.1209. User input passed via the "key" GET parameter to /admin/index.php (when the "api" parameter is set) is not properly sanitized bef…	CWE-78 OS Command	CVE-2025-67888	2026-05-9 01:02	2026-05-8	Show	GitHub Exploit DB Packet Storm

1587	-		-	-	Netgate pfSense CE 2.8.0 allows code execution in the XMLRPC API via pfsense.exec_php. NOTE: the Supplier disputes this because the API call is only available to admins and they are intentionally all…	-	CVE-2025-69691	2026-05-9 01:02	2026-05-8	Show	GitHub Exploit DB Packet Storm

1588	-		-	-	Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Versions 22.0.2 and earlier contains an authenticated remote code execution vulnerabilit…	CWE-74 Injection	CVE-2025-67486	2026-05-9 01:02	2026-05-9	Show	GitHub Exploit DB Packet Storm

1589	-		-	-	Nhost is an open source Firebase alternative with GraphQL. Prior to version 0.49.1, Nhost automatically links an incoming OAuth identity to an existing Nhost account when the email addresses match. T…	CWE-287 Improper Authentication	CVE-2026-41574	2026-05-9 01:02	2026-05-9	Show	GitHub Exploit DB Packet Storm

1590	7.5	HIGH Network	coredns.io	coredns	CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the tsig plugin can be bypassed on non-plain-DNS transports (DoT, DoH, DoH3, DoQ, and gRPC) because it trusts the transport w…	CWE-303 Incorrect Implementation of Authentication Algorithm	CVE-2026-33190	2026-05-9 01:01	2026-05-6	Show	GitHub Exploit DB Packet Storm