Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
192711 6.5 警告
Network 		ARRIS Group - SeaWell Networks Spectrum SDC の configure_manage.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2015-8283 2017-05-17 14:44 2015-11-19 Show GitHub Exploit DB Packet Storm
192712 9.8 緊急
Network 		ARRIS Group - SeaWell Networks Spectrum SDC における証明書・パスワードの管理に関する脆弱性 CWE-255
証明書・パスワード管理 		CVE-2015-8282 2017-05-17 14:44 2015-11-19 Show GitHub Exploit DB Packet Storm
192713 4.2 警告
Network 		SetucoCMSプロジェクト - SetucoCMS におけるセッション管理不備の脆弱性 CWE-Other
その他 		CVE-2016-4896 2017-05-17 14:41 2016-10-7 Show GitHub Exploit DB Packet Storm
192714 6.3 警告
Network 		SetucoCMSプロジェクト - SetucoCMS におけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2016-4895 2017-05-17 14:41 2016-10-7 Show GitHub Exploit DB Packet Storm
192715 5.3 警告
Network 		SetucoCMSプロジェクト - SetucoCMS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-4894 2017-05-17 14:41 2016-10-7 Show GitHub Exploit DB Packet Storm
192716 6.3 警告
Network 		SetucoCMSプロジェクト - SetucoCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-4893 2017-05-17 14:41 2016-10-7 Show GitHub Exploit DB Packet Storm
192717 6.1 警告
Network 		SetucoCMSプロジェクト - SetucoCMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-4892 2017-05-17 14:41 2016-10-7 Show GitHub Exploit DB Packet Storm
192718 5.4 警告
Network 		SetucoCMSプロジェクト - SetucoCMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2016-4891 2017-05-17 14:41 2016-10-7 Show GitHub Exploit DB Packet Storm
192719 5.3 警告
Local 		SaltStack
Fedora Project		 - SaltStack の modules/chef.py におけるデータ処理に関する脆弱性 CWE-19
データ処理 		CVE-2015-1839 2017-05-17 13:54 2015-03-30 Show GitHub Exploit DB Packet Storm
192720 5.3 警告
Local 		SaltStack
Fedora Project		 - SaltStack の modules/serverdensity_device.py におけるデータ処理に関する脆弱性 CWE-19
データ処理 		CVE-2015-1838 2017-05-17 13:53 2015-03-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1091 - - - Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Transport_Protocol_Data_Transfer,allows attackers to write to arb… - CVE-2026-37534 2026-05-2 02:16 2026-05-2 Show GitHub Exploit DB Packet Storm
1092 7.1 HIGH
Adjacent 		- - AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotp_continue_receive (receive.c:87-89), the payload_length for a Single Frame is extracted fro… - CVE-2026-37532 2026-05-2 02:16 2026-05-2 Show GitHub Exploit DB Packet Storm
1093 9.8 CRITICAL
Network 		- - AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation flow. The is_valid_filename fu… - CVE-2026-37531 2026-05-2 02:16 2026-05-2 Show GitHub Exploit DB Packet Storm
1094 - - - AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The send_diagnostic_request function in uds.c allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD… - CVE-2026-37530 2026-05-2 02:16 2026-05-2 Show GitHub Exploit DB Packet Storm
1095 7.8 HIGH
Local 		- - AGL app-framework-binder (afb-daemon) through v19.90.0 allows any local process to execute privileged supervision commands (Exit, Do, Sclose, Config, Trace, Debug, Token, slist) without authenticatio… - CVE-2026-37526 2026-05-2 02:16 2026-05-2 Show GitHub Exploit DB Packet Storm
1096 7.8 HIGH
Local 		- - AGL app-framework-binder (afb-daemon) through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The on_supervision_call function in src/afb-supervision.c explicitl… - CVE-2026-37525 2026-05-2 02:16 2026-05-2 Show GitHub Exploit DB Packet Storm
1097 6.5 MEDIUM
Network 		prosody prosody An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 mishandles access control in the activation scenario, relayin… CWE-420
 Unprotected Alternate Channel 		CVE-2026-43505 2026-05-2 02:15 2026-05-2 Show GitHub Exploit DB Packet Storm
1098 6.5 MEDIUM
Network 		prosody prosody An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 mishandles access control in a paused scenario, relaying of u… CWE-863
 Incorrect Authorization 		CVE-2026-43504 2026-05-2 02:15 2026-05-2 Show GitHub Exploit DB Packet Storm
1099 7.5 HIGH
Network 		prosody prosody An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory leaks from unauthenticated connections. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-43506 2026-05-2 02:09 2026-05-2 Show GitHub Exploit DB Packet Storm
1100 7.5 HIGH
Network 		prosody prosody An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by XML parsing resource amplification from unauthen… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-43507 2026-05-2 02:09 2026-05-2 Show GitHub Exploit DB Packet Storm