Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196891 5.4 警告
Network 		WordPress.org - WordPress におけるリダイレクト URL の検証について不本意の操作を誘発される脆弱性 CWE-20
不適切な入力確認 		CVE-2017-6815 2017-03-14 11:55 2017-03-6 Show GitHub Exploit DB Packet Storm
196892 5.4 警告
Network 		WordPress.org - WordPress におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-6814 2017-03-14 11:55 2017-03-6 Show GitHub Exploit DB Packet Storm
196893 5.9 警告
Network 		NTP Project - NTP の ntpd におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-2519 2017-03-13 18:20 2016-04-27 Show GitHub Exploit DB Packet Storm
196894 5.3 警告
Network 		NTP Project - NTP におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-2517 2017-03-13 18:20 2016-04-27 Show GitHub Exploit DB Packet Storm
196895 5.3 警告
Network 		NTP Project - NTP におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-2516 2017-03-13 18:20 2016-04-27 Show GitHub Exploit DB Packet Storm
196896 3.7
Network 		NTPsec project
NTP Project		 - NTP および NTPsec の ntpd における時間を制御される脆弱性 CWE-254
セキュリティ機能 		CVE-2016-1551 2017-03-13 18:20 2016-04-27 Show GitHub Exploit DB Packet Storm
196897 4.3 警告
Network 		openSUSE project
SUSE
NTP Project		 - NTP の ntpq saveconfig コマンドにおける脆弱性 CWE-254
セキュリティ機能 		CVE-2015-7976 2017-03-13 18:20 2015-10-23 Show GitHub Exploit DB Packet Storm
196898 9.8 緊急
Network 		PHP Form Mail Maker - PHP FormMail Generator で作成した PHP コードに複数の脆弱性 CWE-22
CWE-302
CWE-502
CVE-2016-9482
CVE-2016-9483
CVE-2016-9484 		2017-03-13 17:05 2016-12-8 Show GitHub Exploit DB Packet Storm
196899 4.3 警告
Network 		シスコシステムズ - Cisco Unified Communications Manager の Web フレームワークにおける重要な情報を表示される脆弱性 CWE-200
情報漏えい 		CVE-2017-3836 2017-03-13 16:59 2017-02-15 Show GitHub Exploit DB Packet Storm
196900 8.8 重要
Network 		シスコシステムズ - Cisco Identity Services Engine のスポンサーポータルにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-3835 2017-03-13 16:59 2017-02-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1161 5.5 MEDIUM
Local 		- - Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp c… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2024-51394 2026-05-14 03:16 2026-05-14 Show GitHub Exploit DB Packet Storm
1162 5.0 MEDIUM
Network 		- - mosparo is the modern solution to protect your online forms from spam. Prior to 1.4.13, the automatic rule package source URL feature allows a project member with the editor role to store an attacker… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-41195 2026-05-14 03:15 2026-05-13 Show GitHub Exploit DB Packet Storm
1163 - - - django-s3file is a lightweight file upload input for Django and Amazon S3. Prior to 7.0.2, S3FileMiddleware is vulnerable to relative path traversal attacks, where an attacker can use a modified requ… CWE-22
CWE-26
Path Traversal
 Path Traversal: '/dir/../filename' 		CVE-2026-42196 2026-05-14 03:15 2026-05-13 Show GitHub Exploit DB Packet Storm
1164 7.5 HIGH
Network 		- - Snappier is a high performance C# implementation of the Snappy compression algorithm. Prior to 1.3.1, Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-f… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2026-44302 2026-05-14 03:15 2026-05-13 Show GitHub Exploit DB Packet Storm
1165 - - - Mako is a template library written in Python. Prior to 1.3.12, on Windows, a URI using backslash traversal (e.g. \..\..\ secret.txt) bypasses the directory traversal check in Template.__init__ and th… CWE-22
Path Traversal 		CVE-2026-44307 2026-05-14 03:15 2026-05-13 Show GitHub Exploit DB Packet Storm
1166 5.3 MEDIUM
Network 		- - GoJobs is a REST API for a Job Board platform. The application exposes a job retrieval endpoint that allows unauthenticated users to access job details by directly manipulating object identifiers. Th… CWE-284
CWE-639
Improper Access Control
 Authorization Bypass Through User-Controlled Key 		CVE-2026-44341 2026-05-14 03:15 2026-05-13 Show GitHub Exploit DB Packet Storm
1167 - - - Hugo is a static site generator. From 0.43 to before 0.161.0, when building a Hugo site that uses Node-based asset pipelines (PostCSS, Babel, TailwindCSS), Hugo invoked the configured Node tools with… CWE-22
Path Traversal 		CVE-2026-44301 2026-05-14 03:14 2026-05-13 Show GitHub Exploit DB Packet Storm
1168 6.1 MEDIUM
Network 		- - Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 2.5.2, Vue 3's v-html directive is the framework-documented mechanism for injecting raw HTML, and it intentio… CWE-79
Cross-site Scripting 		CVE-2026-44245 2026-05-14 03:14 2026-05-13 Show GitHub Exploit DB Packet Storm
1169 6.3 MEDIUM
Network 		- - A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises (former 1E DEX Platform On-Premises) prior to version 9.2. Improper input validation allows authenticated users… CWE-20
 Improper Input Validation  		CVE-2026-2695 2026-05-14 03:10 2026-05-14 Show GitHub Exploit DB Packet Storm
1170 7.5 HIGH
Network 		phpoffice phpspreadsheet PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the SpreadsheetML XML reader (Reader\Xml) does not validate the ss:I… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-40863 2026-05-14 03:01 2026-05-13 Show GitHub Exploit DB Packet Storm