Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
193651 8.8 重要
Network 		Yeager - Yeager CMS の "yeager/y.php/tab_USERLIST" における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-7569 2017-05-22 18:10 2015-12-10 Show GitHub Exploit DB Packet Storm
193652 7.5 重要
Network 		GNU Project - unrtf におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-10091 2017-05-22 18:09 2016-12-31 Show GitHub Exploit DB Packet Storm
193653 5.4 警告
Network 		OpenStack
レッドハット		 - Openstack Manila の "Shares" overview におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-6519 2017-05-22 18:06 2016-09-28 Show GitHub Exploit DB Packet Storm
193654 7.5 重要
Network 		Tenable, Inc. - Tenable Appliance におけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-8050 2017-05-22 17:59 2017-03-7 Show GitHub Exploit DB Packet Storm
193655 5.3 警告
Network 		Schneider Electric - Schneider Electric Wonderware InTouch Access Anywhere における暗号強度に関する脆弱性 CWE-326
不適切な暗号強度 		CVE-2017-5160 2017-05-22 17:54 2017-03-27 Show GitHub Exploit DB Packet Storm
193656 9.8 緊急
Network 		Schneider Electric - Schneider Electric Wonderware InTouch Access Anywhere における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2017-5158 2017-05-22 17:54 2017-03-27 Show GitHub Exploit DB Packet Storm
193657 8.8 重要
Network 		Schneider Electric - Schneider Electric Wonderware InTouch Access Anywhere におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2017-5156 2017-05-22 17:54 2017-03-27 Show GitHub Exploit DB Packet Storm
193658 3.3
Local 		Lexmark - Lexmark Perceptive Document Filters における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2017-2806 2017-05-22 17:29 2017-04-18 Show GitHub Exploit DB Packet Storm
193659 9.1 緊急
Network 		Moxa Inc. - Moxa AWK-3131A Wireless Access Points のファームウェアにおける OS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2016-8721 2017-05-22 17:29 2016-11-14 Show GitHub Exploit DB Packet Storm
193660 7.5 重要
Network 		クイックヒール・テクノロジーズ・ジャパン株式会社 - QuickHeal の webssx.sys ドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2015-8285 2017-05-22 17:29 2015-11-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1121 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: thermal: core: Address thermal zone removal races with resume Since thermal_zone_pm_complete() and thermal_zone_device_resume() r… CWE-416
 Use After Free 		CVE-2026-31731 2026-05-8 22:16 2026-05-2 Show GitHub Exploit DB Packet Storm
1122 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: possible double-free of cctx->remote_heap fastrpc_init_create_static_process() may free cctx->remote_heap on the e… CWE-415
 Double Free 		CVE-2026-31730 2026-05-8 22:16 2026-05-2 Show GitHub Exploit DB Packet Storm
1123 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2026-2710 2026-05-8 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
1124 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-34429. Reason: This candidate is a duplicate of CVE-2026-34429. Notes: All CVE users should reference CVE-2026-344… - CVE-2026-44365 2026-05-8 06:16 2026-05-8 Show GitHub Exploit DB Packet Storm
1125 7.7 HIGH
Network 		- - FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, Helper::sanitizeRemoteUrl() in app/Misc/Helper.php follows HTTP redirects via curlGetLastR… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-41905 2026-05-8 06:16 2026-05-8 Show GitHub Exploit DB Packet Storm
1126 7.1 HIGH
Local 		gitpython_project gitpython GitPython is a python library used to interact with Git repositories. Prior to version 3.1.48, a vulnerability in GitPython allows attackers who can supply a crafted reference path to an application … CWE-22
Path Traversal 		CVE-2026-44243 2026-05-8 06:12 2026-05-8 Show GitHub Exploit DB Packet Storm
1127 5.3 MEDIUM
Network 		- - ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an att… CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2026-42241 2026-05-8 05:37 2026-05-8 Show GitHub Exploit DB Packet Storm
1128 - - - PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport (sip_transport_tls) can accept connections with invalid o… CWE-295
Improper Certificate Validation  		CVE-2026-42225 2026-05-8 05:36 2026-05-8 Show GitHub Exploit DB Packet Storm
1129 8.1 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.… CWE-1004
 Sensitive Cookie Without 'HttpOnly' Flag 		CVE-2026-42239 2026-05-8 05:35 2026-05-8 Show GitHub Exploit DB Packet Storm
1130 7.6 HIGH
Network 		- - manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. F… CWE-266
 Incorrect Privilege Assignment 		CVE-2026-43510 2026-05-8 05:32 2026-05-8 Show GitHub Exploit DB Packet Storm