Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
192951 9.6 緊急
Network 		オラクル - Oracle Sun Solaris における Kernel Zones virtualized NIC driver に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-3510 2017-05-29 16:57 2017-04-18 Show GitHub Exploit DB Packet Storm
192952 3.3
Local 		オラクル - Oracle Sun Solaris における Kernel に関する脆弱性 CWE-200
情報漏えい 		CVE-2017-3498 2017-05-29 16:57 2017-04-18 Show GitHub Exploit DB Packet Storm
192953 7.3 重要
Network 		オラクル - Oracle Sun Solaris における Remote Administration Daemon に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-3497 2017-05-29 16:57 2017-04-18 Show GitHub Exploit DB Packet Storm
192954 3.3
Local 		オラクル - Oracle Sun Solaris における Zone に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-3474 2017-05-29 16:57 2017-04-18 Show GitHub Exploit DB Packet Storm
192955 2.8
Local 		オラクル - Oracle Sun Solaris Cluster における NAS device addition に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-5551 2017-05-29 16:57 2017-04-18 Show GitHub Exploit DB Packet Storm
192956 7.8 重要
Local 		オラクル - Oracle Support Tools の Automatic Service Request における ASR Manager に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-3620 2017-05-29 16:37 2017-04-18 Show GitHub Exploit DB Packet Storm
192957 5.5 警告
Local 		オラクル - Oracle Support Tools の Automatic Service Request における ASR Manager に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-3619 2017-05-29 16:37 2017-04-18 Show GitHub Exploit DB Packet Storm
192958 7.1 重要
Local 		オラクル - Oracle Support Tools の Automatic Service Request における ASR Manager に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-3618 2017-05-29 16:37 2017-04-18 Show GitHub Exploit DB Packet Storm
192959 7.8 重要
Local 		オラクル - Oracle Support Tools の Automatic Service Request における ASR Manager に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-3581 2017-05-29 16:37 2017-04-18 Show GitHub Exploit DB Packet Storm
192960 5.1 警告
Local 		オラクル - Oracle Support Tools の Automatic Service Request における ASR Manager に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-3505 2017-05-29 16:37 2017-04-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1211 5.9 MEDIUM
Network 		perldancer dancer\ Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the proce… CWE-338
CWE-340
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
 Generation of Predictable Numbers or Identifiers 		CVE-2026-5080 2026-05-5 11:54 2026-04-30 Show GitHub Exploit DB Packet Storm
1212 5.3 MEDIUM
Network 		asrmicro asr1901_firmware
asr1903_firmware 		NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files sip/utils/src/s… CWE-476
 NULL Pointer Dereference 		CVE-2026-42800 2026-05-5 11:54 2026-04-30 Show GitHub Exploit DB Packet Storm
1213 9.8 CRITICAL
Network 		asrmicro asr1803_firmware Out-of-bounds read vulnerability in ASR Kestrel (nr_fw modules) allows Overflow Buffers. This vulnerability is associated with program files Code/Nr/nr_fw/RA/src/NrPwrCtrl.C. This issue affects … CWE-125
Out-of-bounds Read 		CVE-2026-42799 2026-05-5 11:53 2026-04-30 Show GitHub Exploit DB Packet Storm
1214 9.8 CRITICAL
Network 		oppo coloros_assistant ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal. CWE-23
CWE-22
 Relative Path Traversal
Path Traversal 		CVE-2026-22070 2026-05-5 11:53 2026-04-30 Show GitHub Exploit DB Packet Storm
1215 7.5 HIGH
Network 		4d server Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adja… CWE-611
XXE 		CVE-2024-39847 2026-05-5 11:51 2026-04-30 Show GitHub Exploit DB Packet Storm
1216 9.8 CRITICAL
Network 		pylixm django-mdeditor All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary c… CWE-306
Missing Authentication for Critical Function 		CVE-2025-13030 2026-05-5 11:50 2026-04-30 Show GitHub Exploit DB Packet Storm
1217 4.8 MEDIUM
Network 		gnu wget2 wget2 accepts a server certificate with incorrect Key Usage (KU) or Extended Key Usage (EKU). If the attackers compromise a certificate (with the associated private key) issued for a different purpos… CWE-20
 Improper Input Validation  		CVE-2026-1858 2026-05-5 11:47 2026-04-30 Show GitHub Exploit DB Packet Storm
1218 9.8 CRITICAL
Network 		tenda w3002r_firmware
a302_firmware
w309r_firmware 		Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient se… CWE-290
 Authentication Bypass by Spoofing 		CVE-2018-25317 2026-05-5 11:46 2026-04-30 Show GitHub Exploit DB Packet Storm
1219 8.8 HIGH
Network 		geovision gv-lpc2011_firmware
gv-lpc2211_firmware 		An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An… CWE-78
OS Command  		CVE-2026-42364 2026-05-5 11:45 2026-05-4 Show GitHub Exploit DB Packet Storm
1220 6.5 MEDIUM
Network 		geovision gv-lpc2011_firmware
gv-lpc2211_firmware 		A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker … CWE-522
 Insufficiently Protected Credentials 		CVE-2026-42367 2026-05-5 11:45 2026-05-4 Show GitHub Exploit DB Packet Storm