Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
197891	5.4	警告 Network	Open-Xchange	-	Open-Xchange OX AppSuite の Portal のタイルのラベルにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-3173	2016-12-28 11:38	2016-03-29	Show	GitHub Exploit DB Packet Storm

197892	6.1	警告 Network	Open-Xchange	-	Open-Xchange OX Guard におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-6854	2016-12-27 17:35	2016-09-13	Show	GitHub Exploit DB Packet Storm

197893	6.1	警告 Network	Open-Xchange	-	Open-Xchange OX Guard におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-6853	2016-12-27 17:35	2016-09-13	Show	GitHub Exploit DB Packet Storm

197894	6.1	警告 Network	Open-Xchange	-	Open-Xchange OX Guard におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-6851	2016-12-27 17:35	2016-09-13	Show	GitHub Exploit DB Packet Storm

197895	7.5	重要 Network	Open-Xchange	-	Open-Xchange OX Guard の API におけるパディングを推測される脆弱性	CWE-255 証明書・パスワード管理	CVE-2016-4028	2016-12-27 17:35	2016-06-22	Show	GitHub Exploit DB Packet Storm

197896	6.1	警告 Network	Open-Xchange	-	Open-Xchange Server 6 および OX AppSuite における信頼できるドメインのコンテキスト内で悪意のあるスクリプトが実行される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-2840	2016-12-27 17:35	2016-03-14	Show	GitHub Exploit DB Packet Storm

197897	8.8	重要 Network	Open-Xchange	-	Open-Xchange Guard におけるハッシュ化されたパスワードを取得される脆弱性	CWE-320 鍵管理のエラー	CVE-2015-8542	2016-12-27 17:35	2015-12-16	Show	GitHub Exploit DB Packet Storm

197898	6.5	警告 Network	IBM MariaDB Corporation Ab. オラクル	-	Oracle MySQL の MySQL Server における Server: Types に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-3521	2016-12-27 14:21	2016-07-19	Show	GitHub Exploit DB Packet Storm

197899	8.8	重要 Network	ネットギア	-	複数の NETGEAR 製ルータに脆弱性	CWE-306 CWE-352 CWE-77	CVE-2016-6277	2016-12-27 14:16	2016-12-9	Show	GitHub Exploit DB Packet Storm

197900	1.7	注意	MySQL AB openSUSE project Canonical Debian MariaDB Corporation Ab. オラクルレッドハット	-	Oracle MySQL の MySQL Server および MariaDB における Privileges に関する脆弱性	CWE-noinfo 情報不足	CVE-2016-0609	2016-12-27 10:52	2016-01-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
611	8.8	HIGH Network	-	-	GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by … New	CWE-78 OS Command	CVE-2026-42215	2026-05-8 04:49	2026-05-8	Show	GitHub Exploit DB Packet Storm

612	8.8	HIGH Local	sandboxie-plus	sandboxie	Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, an INI injection vulnerability allows any standard local user to bypass configuration re… New	CWE-93 CRLF Injection	CVE-2026-34458	2026-05-8 04:48	2026-05-6	Show	GitHub Exploit DB Packet Storm

613	7.3	HIGH Network	-	-	A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation of the argument ID results i… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-8083	2026-05-8 04:48	2026-05-8	Show	GitHub Exploit DB Packet Storm

614	3.3	LOW Local	-	-	A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This… New	CWE-119 CWE-125 Incorrect Access of Indexable Resource ('Range Error') Out-of-bounds Read	CVE-2026-8084	2026-05-8 04:48	2026-05-8	Show	GitHub Exploit DB Packet Storm

615	8.8	HIGH Local	sandboxie-plus	sandboxie	Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilit… New	CWE-121 Stack-based Buffer Overflow	CVE-2026-34459	2026-05-8 04:48	2026-05-6	Show	GitHub Exploit DB Packet Storm

616	7.0	HIGH Local	sandboxie-plus	sandboxie	Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Use (TOCTOU) race condition exists during addon installation.… New	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-34596	2026-05-8 04:45	2026-05-6	Show	GitHub Exploit DB Packet Storm

617	6.3	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attacker… New	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-44112	2026-05-8 04:42	2026-05-7	Show	GitHub Exploit DB Packet Storm

618	4.3	MEDIUM Network	openclaw	openclaw	OpenClaw before 2026.4.15 contains an arbitrary file read vulnerability in the QMD backend memory_get function that allows callers to read any Markdown files within the workspace root. Attackers with… New	CWE-183 Permissive List of Allowed Inputs	CVE-2026-44111	2026-05-8 04:42	2026-05-7	Show	GitHub Exploit DB Packet Storm

619	8.8	HIGH Network	openclaw	openclaw	OpenClaw before 2026.4.15 contains an authorization bypass vulnerability in Matrix room control-command authorization that trusts DM pairing-store entries. Attackers with DM-paired sender IDs can exe… New	CWE-863 Incorrect Authorization	CVE-2026-44110	2026-05-8 04:41	2026-05-7	Show	GitHub Exploit DB Packet Storm

620	9.8	CRITICAL Network	openclaw	openclaw	OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and card-action validation that allows unauthenticated requests to reach command dispatch. Missing encryptK… New	CWE-1188 Insecure Default Initialization of Resource	CVE-2026-44109	2026-05-8 04:40	2026-05-7	Show	GitHub Exploit DB Packet Storm