Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 4:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
193641 6.1 警告
Network 		DELL EMC (旧 EMC Corporation) - 複数の EMC RSA 製品における格納型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5004 2017-07-12 18:26 2017-06-8 Show GitHub Exploit DB Packet Storm
193642 7.3 重要
Local 		DELL EMC (旧 EMC Corporation) - EMC VNX2 および VNX1 における標的の VNX Control Station システム上で任意のコードを実行される脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2017-4987 2017-07-12 18:26 2017-06-16 Show GitHub Exploit DB Packet Storm
193643 7.8 重要
Local 		DELL EMC (旧 EMC Corporation) - EMC VNX2 および VNX1 における権限を root へ昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-4985 2017-07-12 18:26 2017-06-16 Show GitHub Exploit DB Packet Storm
193644 9.8 緊急
Network 		DELL EMC (旧 EMC Corporation) - EMC VNX2 および VNX1 における権限を root へ昇格される脆弱性 CWE-77
コマンドインジェクション 		CVE-2017-4984 2017-07-12 18:26 2017-06-16 Show GitHub Exploit DB Packet Storm
193645 9.8 緊急
Network 		projectsend.org - ProjectSend の install/make-config.php における任意の PHP コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2017-9741 2017-07-12 17:58 2017-06-17 Show GitHub Exploit DB Packet Storm
193646 9.8 緊急
Network 		SPIP - SPIP におけるリモートでコードを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2017-9736 2017-07-12 17:58 2017-06-12 Show GitHub Exploit DB Packet Storm
193647 7.5 重要
Network 		Elasticsearch - SSL クライアントアクセス用に設定された Kibana におけるファイル記述子の枯渇に関する脆弱性 CWE-769
ファイル記述子の枯渇 		CVE-2017-8452 2017-07-12 17:58 2017-02-14 Show GitHub Exploit DB Packet Storm
193648 5.9 警告
Network 		MEA Financial Enterprises, L.L.C. - iOS 用 FNB Kemp Mobile Banking アプリケーションにおけるサーバになりすまされる脆弱性 CWE-295
不正な証明書検証 		CVE-2017-9601 2017-07-12 17:39 2017-06-12 Show GitHub Exploit DB Packet Storm
193649 5.9 警告
Network 		MEA Financial Enterprises, L.L.C. - iOS 用 SVB Mobile アプリケーションにおけるサーバになりすまされる脆弱性 CWE-295
不正な証明書検証 		CVE-2017-9594 2017-07-12 17:39 2017-06-12 Show GitHub Exploit DB Packet Storm
193650 5.9 警告
Network 		Your Legacy Federal Credit Union - iOS 用 Your Legacy Federal Credit Union Mobile Banking アプリケーションにおけるサーバになりすまされる脆弱性 CWE-295
不正な証明書検証 		CVE-2017-9592 2017-07-12 17:39 2017-06-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2511 7.8 HIGH
Local 		microsoft azure_connected_machine_agent Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. CWE-284
Improper Access Control 		CVE-2026-40381 2026-05-18 22:35 2026-05-13 Show GitHub Exploit DB Packet Storm
2512 6.5 MEDIUM
Network 		shellhub shellhub ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/devices/:uid returns the full device object whenever the caller is authenticated, without verifying that the device belongs to the cal… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-44424 2026-05-18 22:35 2026-05-14 Show GitHub Exploit DB Packet Storm
2513 5.4 MEDIUM
Network 		shellhub shellhub ShellHub is a centralized SSH gateway. Prior to 0.24.2, the device list endpoint accepts user-controlled identifiers in the the name field of each filter property in the base64-encoded filter query p… CWE-20
CWE-943
CWE-1333
 Improper Input Validation 
 Improper Neutralization of Special Elements in Data Query Logic
 Inefficient Regular Expression Complexity 		CVE-2026-44425 2026-05-18 22:34 2026-05-14 Show GitHub Exploit DB Packet Storm
2514 4.3 MEDIUM
Network 		microsoft edge User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-35429 2026-05-18 22:34 2026-05-13 Show GitHub Exploit DB Packet Storm
2515 5.5 MEDIUM
Local 		microsoft teams Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally. CWE-552
 Files or Directories Accessible to External Parties 		CVE-2026-32185 2026-05-18 22:33 2026-05-13 Show GitHub Exploit DB Packet Storm
2516 4.3 MEDIUM
Network 		microsoft edge_chromium User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-40416 2026-05-18 22:26 2026-05-13 Show GitHub Exploit DB Packet Storm
2517 7.5 HIGH
Network 		- - A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS pa… CWE-475
 Undefined Behavior for Input to API 		CVE-2026-42009 2026-05-18 22:16 2026-05-18 Show GitHub Exploit DB Packet Storm
2518 9.8 CRITICAL
Network 		netty netty Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpObjectDecoder strips a conflicting Content-Length header when a request carries both… CWE-444
HTTP Request Smuggling 		CVE-2026-42581 2026-05-18 22:14 2026-05-14 Show GitHub Exploit DB Packet Storm
2519 9.8 CRITICAL
Network 		espressif arduino-esp32 arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a … CWE-121
Stack-based Buffer Overflow 		CVE-2026-42854 2026-05-18 22:09 2026-05-13 Show GitHub Exploit DB Packet Storm
2520 8.8 HIGH
Network 		mongodb mongodb An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issu… CWE-787
 Out-of-bounds Write 		CVE-2026-8053 2026-05-18 22:06 2026-05-13 Show GitHub Exploit DB Packet Storm