Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198401 6 警告
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen の x86 セグメントベースの書き込みのエミュレーション機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9385 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
198402 8.8 重要
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen における任意のメモリを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9383 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
198403 7.8 重要
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9382 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
198404 7.5 重要
Local 		シトリックス・システムズ
Fabrice Bellard		 - Xen の QEMU における権限を取得される脆弱性 CWE-264
CWE-362
CVE-2016-9381 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
198405 8.8 重要
Adjacent 		Ubiquiti Networks - Ubiquiti Networks UniFi におけるデータベースを変更される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-7792 2017-02-8 16:52 2016-09-30 Show GitHub Exploit DB Packet Storm
198406 7.5 重要
Network 		jwt project - jwt の Encryption/Symmetric.php の verify 関数における署名を偽造される脆弱性 CWE-361
時間とステータス 		CVE-2016-7037 2017-02-8 16:50 2016-09-6 Show GitHub Exploit DB Packet Storm
198407 9.1 緊急
Network 		Doorkeeper project - Ruby 用 Doorkeeper gem における反射攻撃を実行される脆弱性 CWE-254
セキュリティ機能 		CVE-2016-6582 2017-02-8 16:49 2016-08-19 Show GitHub Exploit DB Packet Storm
198408 6.1 警告
Network 		Infoblox - Infoblox Network Automation NetMRI における CRLF インジェクションの脆弱性 CWE-93
CRLF インジェクション 		CVE-2016-6484 2017-02-8 16:48 2016-09-6 Show GitHub Exploit DB Packet Storm
198409 7.5 重要
Network 		FFmpeg - FFmpeg の libavcodec/exr.c の decode_block 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-6920 2017-02-8 16:46 2016-08-25 Show GitHub Exploit DB Packet Storm
198410 9.8 緊急
Network 		FFmpeg - FFmpeg の libavformat/mov.c の mov_build_index 関数における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2016-6164 2017-02-8 16:46 2016-06-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1911 9.1 CRITICAL
Network 		- - Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. Prior to version 2.13.0, a Server-Side Request Forgery (SSRF) vulnerability in the f… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-44313 2026-05-13 01:39 2026-05-9 Show GitHub Exploit DB Packet Storm
1912 5.3 MEDIUM
Network 		- - A weakness has been identified in aiwaves-cn agents up to e8c4e3c2d19739d3dff59e577d1c97090cc15f59. Affected by this issue is the function recall_relevant_memories_to_working_memory of the file core/… CWE-400
CWE-404
 Uncontrolled Resource Consumption
 Improper Resource Shutdown or Release 		CVE-2026-8319 2026-05-13 01:38 2026-05-12 Show GitHub Exploit DB Packet Storm
1913 4.7 MEDIUM
Network 		- - A security vulnerability has been detected in jishenghua jshERP up to 3.6. This affects the function getUserByWeixinCode of the file jshERP-boot/src/main/java/com/jsh/erp/service/UserService.java of … CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-8320 2026-05-13 01:38 2026-05-12 Show GitHub Exploit DB Packet Storm
1914 7.3 HIGH
Network 		- - A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware. P… CWE-287
CWE-288
Improper Authentication
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-8321 2026-05-13 01:38 2026-05-12 Show GitHub Exploit DB Packet Storm
1915 - - - CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in ra… CWE-1188
 Insecure Default Initialization of Resource 		CVE-2026-6866 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1916 4.4 MEDIUM
Local 		- - An incorrect permission assignment for critical resource of Ivanti Secure Access Client   before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a sh… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-7431 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1917 7.8 HIGH
Local 		- - A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM CWE-362
Race Condition 		CVE-2026-7432 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1918 6.5 MEDIUM
Network 		- - An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials. CWE-749
 Exposed Dangerous Method or Function 		CVE-2026-8109 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1919 7.8 HIGH
Local 		- - Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-8110 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1920 8.8 HIGH
Network 		- - SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution. CWE-89
SQL Injection 		CVE-2026-8111 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm