Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
197411	6.1	警告 Network	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における Mobile Application Platform に関する脆弱性	CWE-254 セキュリティ機能	CVE-2016-8329	2017-02-3 14:50	2017-01-17	Show	GitHub Exploit DB Packet Storm

197412	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Marketing における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3352	2017-02-3 14:47	2017-01-17	Show	GitHub Exploit DB Packet Storm

197413	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Marketing における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3351	2017-02-3 14:47	2017-01-17	Show	GitHub Exploit DB Packet Storm

197414	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Marketing における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3350	2017-02-3 14:47	2017-01-17	Show	GitHub Exploit DB Packet Storm

197415	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Marketing における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3349	2017-02-3 14:47	2017-01-17	Show	GitHub Exploit DB Packet Storm

197416	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Marketing における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3348	2017-02-3 14:47	2017-01-17	Show	GitHub Exploit DB Packet Storm

197417	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Marketing における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3346	2017-02-3 14:45	2017-01-17	Show	GitHub Exploit DB Packet Storm

197418	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Marketing における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3344	2017-02-3 14:45	2017-01-17	Show	GitHub Exploit DB Packet Storm

197419	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Marketing における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3343	2017-02-3 14:45	2017-01-17	Show	GitHub Exploit DB Packet Storm

197420	8.2	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle Marketing における User Interface に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2017-3341	2017-02-3 14:45	2017-01-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
91	7.1	HIGH Network	-	-	A Server-Side Request Forgery (SSRF) vulnerability exists in MLflow versions prior to 3.9.0. The `_create_webhook()` function in `mlflow/server/handlers.py` accepts a user-controlled `url` parameter … New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-2393	2026-05-12 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

92	-		-	-	dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-co… New	-	CVE-2026-2291	2026-05-12 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

93	8.8	HIGH Network	-	-	Insufficient input validation of the `plugin` parameter of the `create_user` plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user. New	CWE-94 Code Injection	CVE-2026-29202	2026-05-12 03:16	2026-05-9	Show	GitHub Exploit DB Packet Storm

94	5.3	MEDIUM Network	-	-	Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to … New	CWE-757 Algorithm Downgrade	CVE-2026-1677	2026-05-12 03:16	2026-05-11	Show	GitHub Exploit DB Packet Storm

95	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: media: cx88: Add missing unmap in snd_cx88_hw_params() In error path, add cx88_alsa_dma_unmap() to release resource acquired by c… Update	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2026-43257	2026-05-12 03:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

96	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruptio… Update	CWE-787 Out-of-bounds Write	CVE-2026-43258	2026-05-12 03:10	2026-05-6	Show	GitHub Exploit DB Packet Storm

97	9.6	CRITICAL Network	argoproj	argo_cd	Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo… New	CWE-200 CWE-212 Information Exposure Improper Removal of Sensitive Information Before Storage or Transfer	CVE-2026-42880	2026-05-12 02:46	2026-05-8	Show	GitHub Exploit DB Packet Storm

98	8.8	HIGH Network	gitpython_project	gitpython	GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by … New	CWE-78 OS Command	CVE-2026-42215	2026-05-12 02:45	2026-05-8	Show	GitHub Exploit DB Packet Storm

99	7.8	HIGH Local	gitpython_project	gitpython	GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.set_value() passes values to Python's configparser without validating for newlines. GitP… New	CWE-94 Code Injection	CVE-2026-44244	2026-05-12 02:44	2026-05-8	Show	GitHub Exploit DB Packet Storm

100	7.5	HIGH Network	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: fix null-ptr-deref in icmp_build_probe() ipv6_stub->ipv6_dev_find() may return ERR_PTR(-EAFNOSUPPORT) when the IPv6 s… Update	CWE-476 NULL Pointer Dereference	CVE-2026-43099	2026-05-12 02:36	2026-05-6	Show	GitHub Exploit DB Packet Storm