Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
193791	7.8	重要 Local	Google	-	Android の WCDMA におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2014-9929	2017-06-29 16:56	2017-05-1	Show	GitHub Exploit DB Packet Storm

193792	7.8	重要 Local	Google	-	Android の GERAN におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2014-9928	2017-06-29 16:56	2017-05-1	Show	GitHub Exploit DB Packet Storm

193793	7.8	重要 Local	Google	-	Android の UIM におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2014-9927	2017-06-29 16:55	2017-05-1	Show	GitHub Exploit DB Packet Storm

193794	7.8	重要 Local	Google	-	Android の GNSS における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2014-9926	2017-06-29 16:55	2017-05-1	Show	GitHub Exploit DB Packet Storm

193795	7.8	重要 Local	Google	-	Android の HDR におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2014-9925	2017-06-29 16:55	2017-05-1	Show	GitHub Exploit DB Packet Storm

193796	7.8	重要 Local	Google	-	Android における数値処理に関する脆弱性	CWE-189 数値処理の問題	CVE-2014-9924	2017-06-29 16:55	2017-05-1	Show	GitHub Exploit DB Packet Storm

193797	7.8	重要 Local	Google	-	Android の NAS におけるバッファエラーの脆弱性	CWE-119 バッファエラー	CVE-2014-9923	2017-06-29 16:55	2017-05-1	Show	GitHub Exploit DB Packet Storm

193798	6.4	警告 Local	Todd C. Miller	-	Todd Miller の Sudo の get_process_ttyname() 関数における情報を公開される脆弱性	CWE-20 不適切な入力確認	CVE-2017-1000367	2017-06-29 16:41	2017-05-30	Show	GitHub Exploit DB Packet Storm

193799	6.5	警告 Network	ImageMagick	-	ImageMagick の coders/psd.c の ReadPSDChannel 関数におけるメモリリークの脆弱性	CWE-119 バッファエラー	CVE-2017-9440	2017-06-29 16:35	2017-05-7	Show	GitHub Exploit DB Packet Storm

193800	6.5	警告 Network	ImageMagick	-	ImageMagick の coders/pdb.c の ReadPDBImage 関数におけるメモリリークの脆弱性	CWE-119 バッファエラー	CVE-2017-9439	2017-06-29 16:35	2017-05-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2011	-		-	-	Link Preview JS extracts web links information. Prior to 4.0.1, the library did not check for IPv6 loopback attacks. There was also a DNS attack, where an address could be resolved into an internal I…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-43897	2026-05-14 03:27	2026-05-12	Show	GitHub Exploit DB Packet Storm

2012	8.2	HIGH Network	-	-	exiftool-vendored provides cross-platform Node.js access to ExifTool. Prior to 35.19.0, exiftool-vendored starts ExifTool in -stay_open True -@ - mode, where arguments are read from stdin one per lin…	CWE-88 Argument Injection	CVE-2026-43893	2026-05-14 03:27	2026-05-12	Show	GitHub Exploit DB Packet Storm

2013	-		-	-	pam_authnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peer_lookup_tcp (src/peer_lookup.c:…	CWE-125 CWE-191 Out-of-bounds Read Integer Underflow (Wrap or Wraparound)	CVE-2026-43916	2026-05-14 03:27	2026-05-12	Show	GitHub Exploit DB Packet Storm

2014	9.1	CRITICAL Network	-	-	sealed-env is a cross-stack, zero-trust secret management library for Node.js and Java/Spring Boot. In sealed-env enterprise mode, versions 0.1.0-alpha.1 through 0.1.0-alpha.3 embedded the operator's…	CWE-200 CWE-522 Information Exposure Insufficiently Protected Credentials	CVE-2026-45091	2026-05-14 03:27	2026-05-12	Show	GitHub Exploit DB Packet Storm

2015	-		-	-	MinIO is a high-performance object storage system. From RELEASE.2022-07-24T01-54-52Z to before RELEASE.2026-04-14T21-32-45Z, A path traversal vulnerability in MinIO's ReadMultiple internode storage-R…	CWE-22 Path Traversal	CVE-2026-42600	2026-05-14 03:26	2026-05-12	Show	GitHub Exploit DB Packet Storm

2016	-		-	-	Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.76 and 9.9.0-alpha.2, a race condition in the MFA SMS one-time password (OTP) logi…	CWE-362 Race Condition	CVE-2026-43930	2026-05-14 03:26	2026-05-12	Show	GitHub Exploit DB Packet Storm

2017	8.8	HIGH Network	-	-	YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5, Any admin OnPost… handler executes its side effects before the ResultFilterAttribute rewrites the response to a 302 to /Info/4. Th…	CWE-89 CWE-841 SQL Injection Improper Enforcement of Behavioral Workflow	CVE-2026-43937	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

2018	8.1	HIGH Network	-	-	YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the application's database logger (YAFNET.Core/Logger/DbLogger.cs) captures the incoming request's User-Agent header in…	CWE-79 CWE-80 CWE-116 Cross-site Scripting Basic XSS Improper Encoding or Escaping of Output	CVE-2026-43938	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

2019	7.3	HIGH Network	-	-	YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the thread posting and reply feature accepts user-supplied content via a a post or reply that is stored server-side and…	CWE-79 CWE-80 CWE-116 Cross-site Scripting Basic XSS Improper Encoding or Escaping of Output	CVE-2026-43939	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm

2020	6.5	MEDIUM Network	-	-	requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features. Prior to , the SSRF protection in requests-hardened fails to block IP addr…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42175	2026-05-14 03:24	2026-05-13	Show	GitHub Exploit DB Packet Storm