Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194441	6.1	警告 Network	レッドハット	-	RESTEasy のデフォルト例外ハンドラにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-6347	2017-05-18 16:37	2016-08-31	Show	GitHub Exploit DB Packet Storm

194442	5.5	警告 Local	oVirt	-	oVirt のエンジンにおける重要なパスワード情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-6341	2017-05-18 16:37	2016-08-29	Show	GitHub Exploit DB Packet Storm

194443	5.4	警告 Network	Zurmo Inc.	-	Zurmo におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-7188	2017-05-18 16:37	2017-04-10	Show	GitHub Exploit DB Packet Storm

194444	7.8	重要 Local	Artifex Software	-	Ghostscript の psi/zht2.c の .sethalftone5 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-704 不正な型変換またはキャスト	CVE-2016-8602	2017-05-18 16:37	2016-10-9	Show	GitHub Exploit DB Packet Storm

194445	6.5	警告 Network	シマンテック	-	Symantec Messaging Gateway の charting コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-5312	2017-05-18 16:37	2016-09-27	Show	GitHub Exploit DB Packet Storm

194446	7.5	重要 Network	Palo Alto Networks	-	Palo Alto Networks Traps ESM Console におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2017-7408	2017-05-18 16:31	2017-04-7	Show	GitHub Exploit DB Packet Storm

194447	4.3	警告 Network	Palo Alto Networks	-	Palo Alto Networks PAN-OS の Management Web Interface におけるエクスポートファイルに書き込まれる脆弱性	CWE-20 不適切な入力確認	CVE-2017-7217	2017-05-18 16:31	2017-04-10	Show	GitHub Exploit DB Packet Storm

194448	8.8	重要 Network	Unitrends	-	Unitrends Enterprise Backup における入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2017-7283	2017-05-18 16:23	2017-04-14	Show	GitHub Exploit DB Packet Storm

194449	9.8	緊急 Network	Google	-	Android One デバイス上で稼動する Android の Qualcomm GPS サブシステムにおける任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-6727	2017-05-18 16:23	2016-11-7	Show	GitHub Exploit DB Packet Storm

194450	7.8	重要 Local	Phusion B.V.	-	Phusion Passenger における認可・権限・アクセス制御に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-10345	2017-05-18 16:23	2016-11-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1331	9.8	CRITICAL Network	paloaltonetworks siemens	pan-os ruggedcom_ape1808_firmware	A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code w… Update	CWE-787 Out-of-bounds Write	CVE-2026-0300	2026-05-13 03:47	2026-05-7	Show	GitHub Exploit DB Packet Storm

1332	7.5	HIGH Network	apple	ipados iphone_os macos tvos visionos watchos	The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS … New	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2026-28990	2026-05-13 03:46	2026-05-12	Show	GitHub Exploit DB Packet Storm

1333	7.5	HIGH Network	apple	ipados iphone_os macos tvos visionos watchos	This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watch… New	CWE-284 Improper Access Control	CVE-2026-28974	2026-05-13 03:46	2026-05-12	Show	GitHub Exploit DB Packet Storm

1334	7.5	HIGH Network	apple	ipados iphone_os	A privacy issue was addressed with improved checks. This issue is fixed in iOS 26.5 and iPadOS 26.5. A user may be able to view restricted content from the lock screen. New	CWE-284 Improper Access Control	CVE-2026-28965	2026-05-13 03:46	2026-05-12	Show	GitHub Exploit DB Packet Storm

1335	7.5	HIGH Network	apple	ipados iphone_os visionos	An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.5 and iPadOS 26.5, visionOS 26.5. An app may be able to access sensitive user data. New	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-28964	2026-05-13 03:46	2026-05-12	Show	GitHub Exploit DB Packet Storm

1336	4.4	MEDIUM Local	anthropic	claude_sdk_for_typescript	Claude SDK for TypeScript provides access to the Claude API from server-side TypeScript or JavaScript applications. From version 0.79.0 to before version 0.91.1, the BetaLocalFilesystemMemoryTool in … Update	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-41686	2026-05-13 03:37	2026-05-5	Show	GitHub Exploit DB Packet Storm

1337	-		-	-	LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before … New	CWE-522 Insufficiently Protected Credentials	CVE-2026-8368	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

1338	4.2	MEDIUM Network	-	-	WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/PayPalYPT/agreementCancel.json.php cancels a PayPal billing agreement using an attacker-supplied agreement p… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-43883	2026-05-13 03:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

1339	5.4	MEDIUM Network	-	-	WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/userSavePhoto.php is a legacy profile-photo endpoint that accepts a base64 POST parameter and writes the de… New	CWE-352 Origin Validation Error	CVE-2026-43877	2026-05-13 03:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

1340	-		-	-	Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21,… New	CWE-285 Improper Authorization	CVE-2026-43515	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm