Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
197361	9.1	緊急 Network	LibTIFF	-	libtiff の tif_read.c の TIFFReadRawStrip1 および TIFFReadRawTile1 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2016-6223	2017-02-7 10:21	2016-07-13	Show	GitHub Exploit DB Packet Storm

197362	7.5	重要 Network	AppNeta	-	tcpreplay の tcprewrite におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2016-6160	2017-02-7 10:05	2016-07-7	Show	GitHub Exploit DB Packet Storm

197363	7.5	重要 Network	Cake Software Foundation	-	CakePHP の clientIp 関数における IP を偽装される脆弱性	CWE-20 不適切な入力確認	CVE-2016-4793	2017-02-7 09:58	2016-03-13	Show	GitHub Exploit DB Packet Storm

197364	6.1	警告 Network	TYPO3 Association	-	TYPO3 のバックエンドコンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-4056	2017-02-7 09:48	2016-02-23	Show	GitHub Exploit DB Packet Storm

197365	9.8	緊急 Network	LANDesk	-	Landesk Management Suite の collector.exe のリスナーにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-3147	2017-02-6 17:45	2016-10-14	Show	GitHub Exploit DB Packet Storm

197366	9.8	緊急 Network	Exponent CMS project	-	Exponent CMS における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2016-2242	2017-02-6 17:43	2016-01-23	Show	GitHub Exploit DB Packet Storm

197367	9.8	緊急 Network	LHa for UNIX project	-	LHA の header.c における整数アンダーフローの脆弱性	CWE-191 整数アンダーフロー	CVE-2016-1925	2017-02-6 17:41	2016-01-16	Show	GitHub Exploit DB Packet Storm

197368	7.5	重要 Network	OneLogin, Inc.	-	Ruby-saml における XML 署名ラッピング攻撃を実行される脆弱性	CWE-91 ブラインド XPath インジェクション	CVE-2016-5697	2017-02-6 17:41	2016-06-24	Show	GitHub Exploit DB Packet Storm

197369	8.8	重要 Network	Snort.org	-	Snort における任意のコードを実行される脆弱性	CWE-426 信頼性のない検索パス	CVE-2016-1417	2017-02-6 17:40	2016-09-29	Show	GitHub Exploit DB Packet Storm

197370	8.8	重要 Network	elfden	-	WordPress 用 eShop プラグインの eshop-orders.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2016-0769	2017-02-6 17:34	2016-02-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
241	7.5	HIGH Network	-	-	A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26… New	CWE-121 Stack-based Buffer Overflow	CVE-2026-28846	2026-05-13 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

242	5.4	MEDIUM Network	-	-	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may … New	CWE-787 Out-of-bounds Write	CVE-2026-28819	2026-05-13 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

243	6.7	MEDIUM Local	-	-	Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally. New	CWE-415 Double Free	CVE-2026-21530	2026-05-13 03:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

244	-		-	-	Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary… New	CWE-20 Improper Input Validation	CVE-2026-20767	2026-05-13 03:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

245	-		-	-	Out-of-bounds write for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of privilege. Unprivileged software adversary with a… New	CWE-787 Out-of-bounds Write	CVE-2026-20714	2026-05-13 03:16	2026-05-13	Show	GitHub Exploit DB Packet Storm

246	7.5	HIGH Network	-	-	docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url. New	CWE-22 Path Traversal	CVE-2025-65418	2026-05-13 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

247	5.5	MEDIUM Local	python	pillow	Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polyg… Update	CWE-122 Heap-based Buffer Overflow	CVE-2026-42309	2026-05-13 02:57	2026-05-9	Show	GitHub Exploit DB Packet Storm

248	5.5	MEDIUM Local	python	pillow	Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer… Update	CWE-190 Integer Overflow or Wraparound	CVE-2026-42308	2026-05-13 02:57	2026-05-9	Show	GitHub Exploit DB Packet Storm

249	5.5	MEDIUM Local	python	pillow	Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the… Update	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-42310	2026-05-13 02:55	2026-05-9	Show	GitHub Exploit DB Packet Storm

250	4.7	MEDIUM Local	apple	ipados iphone_os macos visionos	A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, … New	CWE-362 Race Condition	CVE-2026-43659	2026-05-13 02:51	2026-05-12	Show	GitHub Exploit DB Packet Storm