Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
197011 7.5 重要
Network 		JasPer Project - JasPer の jpc_bs.c の jpc_bitstream_getbits 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-9391 2017-04-25 11:01 2016-10-28 Show GitHub Exploit DB Packet Storm
197012 5.5 警告
Local 		JasPer Project - JasPer の jas_seq.c の jas_seq2d_create 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9390 2017-04-25 11:01 2016-10-26 Show GitHub Exploit DB Packet Storm
197013 7.5 重要
Network 		JasPer Project - JasPer の jpc_mct.c の jpc_irct および jpc_iict 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9389 2017-04-25 11:01 2016-10-24 Show GitHub Exploit DB Packet Storm
197014 5.5 警告
Local 		JasPer Project - JasPer の jpc_mct.c の ras_getcmap 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-9388 2017-04-25 11:01 2016-10-24 Show GitHub Exploit DB Packet Storm
197015 7.8 重要
Local 		JasPer Project - JasPer の libjasper/jpc/jpc_dec.c の jpc_dec_process_siz 関数における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2016-9387 2017-04-25 11:01 2016-10-23 Show GitHub Exploit DB Packet Storm
197016 5.5 警告
Local 		JasPer Project - JasPer における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2016-9262 2017-04-25 11:01 2016-11-7 Show GitHub Exploit DB Packet Storm
197017 5.5 警告
Local 		JasPer Project
Fedora Project		 - JasPer の libjasper/jp2/jp2_cod.c の jp2_colr_destroy 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2016-8887 2017-04-25 11:01 2016-10-21 Show GitHub Exploit DB Packet Storm
197018 7.8 重要
Local 		JasPer Project - JasPer の libjasper/base/jas_malloc.c の jas_malloc 関数におけるメモリ割当て違反に関する脆弱性 CWE-119
バッファエラー 		CVE-2016-8886 2017-04-25 11:01 2016-10-26 Show GitHub Exploit DB Packet Storm
197019 7.5 重要
Network 		シスコシステムズ - Cisco ASR 920 シリーズアグリゲーションサービスルータ上で稼動する Cisco IOS XE における書式文字列に関する脆弱性 CWE-134
書式文字列の問題 		CVE-2017-3859 2017-04-24 19:25 2017-03-22 Show GitHub Exploit DB Packet Storm
197020 8.8 重要
Network 		シスコシステムズ - Cisco IOS XE ソフトウェアにおける不適切な入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-3858 2017-04-24 19:25 2017-03-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1941 7.2 HIGH
Network 		concretecms concrete_cms Concrete CMS 9.5.0 and below is vulnerable to Remote Code Execution due to insecure deserialization occurring in the ExpressEntryList block controller. An rogue administrator with privileges to add … CWE-502
 Deserialization of Untrusted Data 		CVE-2026-8135 2026-05-27 03:44 2026-05-22 Show GitHub Exploit DB Packet Storm
1942 6.5 MEDIUM
Network 		concretecms concrete_cms Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/install/download/<remoteId>. The download() method in concrete/controllers/single_page/dash… CWE-352
 Origin Validation Error 		CVE-2026-8140 2026-05-27 03:43 2026-05-22 Show GitHub Exploit DB Packet Storm
1943 4.8 MEDIUM
Network 		concretecms concrete_cms Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via OAuth integration name. The OAuth authorize template renders the integration name (admin-controlled) through Concrete's t() translation he… CWE-79
Cross-site Scripting 		CVE-2026-8197 2026-05-27 03:34 2026-05-22 Show GitHub Exploit DB Packet Storm
1944 5.4 MEDIUM
Network 		concretecms concrete_cms Concrete CMS 9.5.0 and below has Stored XSS on the height parameter. The controller does not validate or sanitize $height. Any user with editor privileges can inject malicious JavaScript that execute… CWE-79
Cross-site Scripting 		CVE-2026-8203 2026-05-27 03:33 2026-05-22 Show GitHub Exploit DB Packet Storm
1945 8.8 HIGH
Network 		concretecms concrete_cms Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/delete.  The The Concrete CMS security team gave this vulnerability a CVSS v.4.0 sco… CWE-352
CWE-1275
 Origin Validation Error
 Sensitive Cookie with Improper SameSite Attribute 		CVE-2026-8409 2026-05-27 03:32 2026-05-22 Show GitHub Exploit DB Packet Storm
1946 8.8 HIGH
Network 		concretecms concrete_cms Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/bulk/delete.  The The Concrete CMS security team gave this vulnerability a CVSS v.4.… CWE-352
CWE-1275
 Origin Validation Error
 Sensitive Cookie with Improper SameSite Attribute 		CVE-2026-8410 2026-05-27 03:31 2026-05-22 Show GitHub Exploit DB Packet Storm
1947 7.5 HIGH
Network 		nlnetlabs unbound NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL config… CWE-346
 Origin Validation Error 		CVE-2026-40622 2026-05-27 03:28 2026-05-20 Show GitHub Exploit DB Packet Storm
1948 8.8 HIGH
Network 		concretecms concrete_cms Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/delete. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 sco… CWE-352
CWE-1275
 Origin Validation Error
 Sensitive Cookie with Improper SameSite Attribute 		CVE-2026-8411 2026-05-27 03:26 2026-05-22 Show GitHub Exploit DB Packet Storm
1949 8.8 HIGH
Network 		concretecms concrete_cms Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cache. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 sco… CWE-352
CWE-1275
 Origin Validation Error
 Sensitive Cookie with Improper SameSite Attribute 		CVE-2026-8412 2026-05-27 03:25 2026-05-22 Show GitHub Exploit DB Packet Storm
1950 8.8 HIGH
Network 		concretecms concrete_cms Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan(). The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score… CWE-352
CWE-1275
 Origin Validation Error
 Sensitive Cookie with Improper SameSite Attribute 		CVE-2026-8433 2026-05-27 03:19 2026-05-22 Show GitHub Exploit DB Packet Storm