Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
197241	7	重要 Local	Linux	-	Qualcomm カメラドライバにおける権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0521	2017-03-28 11:54	2017-03-6	Show	GitHub Exploit DB Packet Storm

197242	7	重要 Local	Linux	-	Qualcomm 暗号化エンジンドライバにおける権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0520	2017-03-28 11:54	2017-03-6	Show	GitHub Exploit DB Packet Storm

197243	7	重要 Local	Linux	-	Qualcomm 指紋センサードライバにおける権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0519	2017-03-28 11:54	2017-03-6	Show	GitHub Exploit DB Packet Storm

197244	7	重要 Local	Linux	-	Qualcomm 指紋センサードライバにおける権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0518	2017-03-28 11:54	2017-03-6	Show	GitHub Exploit DB Packet Storm

197245	7	重要 Local	Google	-	MediaTek ハードウェアセンサードライバにおける権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0517	2017-03-28 11:54	2017-03-6	Show	GitHub Exploit DB Packet Storm

197246	7	重要 Local	Linux	-	Qualcomm 入力ハードウェアドライバにおける権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0516	2017-03-28 11:54	2017-03-6	Show	GitHub Exploit DB Packet Storm

197247	7.8	重要 Local	Linux	-	カーネル FIQ デバッガにおける権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0510	2017-03-28 11:54	2017-03-6	Show	GitHub Exploit DB Packet Storm

197248	7.8	重要 Local	Linux	-	カーネル ION サブシステムにおける権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0508	2017-03-28 11:54	2017-03-6	Show	GitHub Exploit DB Packet Storm

197249	7.8	重要 Local	Linux	-	カーネル ION サブシステムにおける権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0507	2017-03-28 11:54	2017-03-6	Show	GitHub Exploit DB Packet Storm

197250	7	重要 Local	Linux	-	Qualcomm Wi-Fi ドライバにおける権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0464	2017-03-28 11:52	2017-03-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1271	7.5	HIGH Network	microsoft	windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2025	Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network.	CWE-476 NULL Pointer Dereference	CVE-2026-40405	2026-05-16 00:20	2026-05-13	Show	GitHub Exploit DB Packet Storm

1272	7.5	HIGH Network	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.	CWE-416 Use After Free	CVE-2026-40406	2026-05-16 00:20	2026-05-13	Show	GitHub Exploit DB Packet Storm

1273	7.8	HIGH Local	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.	CWE-122 Heap-based Buffer Overflow	CVE-2026-40407	2026-05-16 00:19	2026-05-13	Show	GitHub Exploit DB Packet Storm

1274	9.1	CRITICAL Network	-	-	Crabbox prior to v0.12.0 contains an environment variable exposure vulnerability that allows attackers with access to a malicious or compromised repository to forward local secrets such as API tokens…	CWE-94 Code Injection	CVE-2026-8634	2026-05-16 00:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

1275	4.3	MEDIUM Network	-	-	SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, broken access control in the searchAsset, searchTag, searchWidget, and searchTemplate publish-mode Readers can enumerate…	CWE-863 Incorrect Authorization	CVE-2026-45148	2026-05-16 00:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

1276	7.5	HIGH Network	-	-	libyang is a YANG data modeling language library. Prior to SO 5.2.15, lyb_read_string() in src/parser_lyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciou…	CWE-190 Integer Overflow or Wraparound	CVE-2026-44673	2026-05-16 00:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

1277	-		-	-	SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the kernel stores Attribute View (AV / database) names without any HTML escape, then a render template uses raw strings.…	CWE-79 CWE-94 CWE-1188 Cross-site Scripting Code Injection Insecure Default Initialization of Resource	CVE-2026-44670	2026-05-16 00:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

1278	-		-	-	HRConvert2 is a self-hosted, drag-and-drop & nosql file conversion server & share tool. Prior to 3.3.8, the sanitizeString() function in convertCore.php is missing backtick (`) and tab (\t) from its …	CWE-78 OS Command	CVE-2026-44666	2026-05-16 00:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

1279	-		-	-	SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, he tooltip mouseover handler in app/src/block/popover.ts reads aria-label via getAttribute and passes it through decode…	CWE-79 CWE-116 CWE-1188 Cross-site Scripting Improper Encoding or Escaping of Output Insecure Default Initialization of Resource	CVE-2026-44588	2026-05-16 00:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

1280	10.0	CRITICAL Network	-	-	Note Mark is an open-source note-taking application. Prior to 0.19.4, no minimum length or entropy is enforced on the JWT_SECRET configuration value. The application accepts any base64-decodable secr…	CWE-326 CWE-345 Inadequate Encryption Strength Insufficient Verification of Data Authenticity	CVE-2026-44523	2026-05-16 00:16	2026-05-15	Show	GitHub Exploit DB Packet Storm