Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198181	6	警告 Local	Fabrice Bellard	-	QEMU の hw/9pfs/9p.c におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-7116	2016-12-13 16:00	2016-08-26	Show	GitHub Exploit DB Packet Storm

198182	4.4	警告 Local	Fabrice Bellard	-	QEMU の hw/net/net_tx_pkt.c の net_tx_pkt_init 関数における整数オーバーフローの脆弱性	CWE-190 CWE-476	CVE-2016-6888	2016-12-13 16:00	2016-08-18	Show	GitHub Exploit DB Packet Storm

198183	6	警告 Local	Fabrice Bellard	-	QEMU の hw/net/vmxnet3.c の vmxnet3_complete_packet 関数における重要なホストのメモリ情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-6836	2016-12-13 16:00	2016-08-11	Show	GitHub Exploit DB Packet Storm

198184	6	警告 Local	Fabrice Bellard	-	QEMU の hw/net/vmxnet_tx_pkt.c の vmxnet_tx_pkt_parse_headers 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-6835	2016-12-13 16:00	2016-08-10	Show	GitHub Exploit DB Packet Storm

198185	4.4	警告 Local	Fabrice Bellard	-	QEMU の hw/net/net_tx_pkt.c の net_tx_pkt_do_sw_fragmentation 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2016-6834	2016-12-13 16:00	2016-08-9	Show	GitHub Exploit DB Packet Storm

198186	4.4	警告 Local	Fabrice Bellard	-	QEMU の hw/net/vmxnet3.c の vmxnet3_io_bar0_write 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-416 解放済みメモリの使用	CVE-2016-6833	2016-12-13 16:00	2016-08-9	Show	GitHub Exploit DB Packet Storm

198187	4.4	警告 Local	Fabrice Bellard	-	QEMU の hw/virtio/virtio.c の virtqueue_map_desc 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 CWE-284	CVE-2016-6490	2016-12-13 16:00	2016-07-27	Show	GitHub Exploit DB Packet Storm

198188	6	警告 Local	Fabrice Bellard	-	QEMU の hw/scsi/mptsas.c の mptsas_fetch_requests 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 CWE-399	CVE-2016-4964	2016-12-13 16:00	2016-05-24	Show	GitHub Exploit DB Packet Storm

198189	7.5	重要 Network	OpenBSD	-	OpenSSH の kex.c の kex_input_kexinit 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2016-8858	2016-12-12 17:21	2016-10-10	Show	GitHub Exploit DB Packet Storm

198190	7.5	重要 Network	Linux	-	Linux Kernel の net/ipv6/icmp.c の icmp6_send 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-9919	2016-12-12 16:46	2016-11-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
971	7.5	HIGH Network	-	-	GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP where a mal… New	CWE-129 Improper Validation of Array Index	CVE-2026-41643	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

972	7.2	HIGH Network	-	-	NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the checkSQL() validation function that blocks dangerous SQL … New	CWE-89 CWE-284 SQL Injection Improper Access Control	CVE-2026-41641	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

973	-		-	-	CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. From version 0.26.0.0 to before version 0.31.7.0, a theme… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-41587	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

974	5.3	MEDIUM Network	-	-	Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`. The constructors reject CRLF … New	CWE-93 CWE-444 CRLF Injection HTTP Request Smuggling	CVE-2026-41417	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

975	-		-	-	CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.5.0, ci4ms Theme::upload extracts u… New	CWE-22 Path Traversal	CVE-2026-41203	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

976	-		-	-	OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the module upload endpoint at POST `/openmrs/ws/rest/v1/modul… New	CWE-22 Path Traversal	CVE-2026-40076	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

977	7.1	HIGH Adjacent	-	-	AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotp_continue_receive (receive.c:87-89), the payload_length for a Single Frame is extracted fro… Update	CWE-126 Buffer Over-read	CVE-2026-37532	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

978	7.8	HIGH Local	-	-	AGL app-framework-binder (afb-daemon) through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The on_supervision_call function in src/afb-supervision.c explicitl… Update	CWE-269 Improper Privilege Management	CVE-2026-37525	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

979	7.8	HIGH Local	-	-	AGL app-framework-binder (afb-daemon) through v19.90.0 allows any local process to execute privileged supervision commands (Exit, Do, Sclose, Config, Trace, Debug, Token, slist) without authenticatio… Update	CWE-284 Improper Access Control	CVE-2026-37526	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

980	9.8	CRITICAL Network	-	-	AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation flow. The is_valid_filename fu… Update	CWE-22 CWE-367 Path Traversal Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-37531	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm