Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
198761	6.4	警告 Local	オラクル	-	Oracle Database Server の RDBMS Security における脆弱性	CWE-Other その他	CVE-2016-5497	2016-10-28 13:58	2016-10-18	Show	GitHub Exploit DB Packet Storm

198762	4.2	警告 Network	オラクル	-	Oracle Financial Services Applications の Oracle FLEXCUBE Private Banking における Admin に関する脆弱性	CWE-Other その他	CVE-2016-5493	2016-10-28 13:56	2016-10-18	Show	GitHub Exploit DB Packet Storm

198763	7.1	重要 Local	オラクル	-	Oracle Sun Systems Products Suite の Sun ZFS Storage Appliance Kit (AK) における SMB Users に関する脆弱性	CWE-Other その他	CVE-2016-5492	2016-10-28 13:55	2016-10-18	Show	GitHub Exploit DB Packet Storm

198764	8.2	重要 Network	オラクル	-	Oracle Commerce の Oracle Commerce Service Center における Commerce Service Center に関する脆弱性	CWE-Other その他	CVE-2016-5491	2016-10-28 13:52	2016-10-18	Show	GitHub Exploit DB Packet Storm

198765	8.2	重要 Network	オラクル	-	Oracle Commerce の Oracle Commerce Guided Search における Oracle Commerce Guided Search に関する脆弱性	CWE-Other その他	CVE-2016-5482	2016-10-28 13:52	2016-10-18	Show	GitHub Exploit DB Packet Storm

198766	2.4	低 Network	オラクル	-	Oracle Database Server の RDBMS Security and SQL*Plus における脆弱性	CWE-200 情報漏えい	CVE-2016-3562	2016-10-28 13:51	2016-10-18	Show	GitHub Exploit DB Packet Storm

198767	5.5	警告 Local	オラクル	-	Oracle Sun Systems Products Suite の Solaris における Kernel Zones に関する脆弱性	CWE-Other その他	CVE-2016-5576	2016-10-28 13:44	2016-10-18	Show	GitHub Exploit DB Packet Storm

198768	5.3	警告 Network	オラクル	-	Oracle E-Business Suite の Oracle Common Applications Calendar における Resources Module に関する脆弱性	CWE-200 CWE-Other	CVE-2016-5575	2016-10-28 13:44	2016-10-18	Show	GitHub Exploit DB Packet Storm

198769	8.6	重要 Network	オラクル	-	Oracle Fusion Middleware の Oracle Outside In Technology における Outside In Filters に関する脆弱性	CWE-Other その他	CVE-2016-5574	2016-10-28 13:44	2016-10-18	Show	GitHub Exploit DB Packet Storm

198770	7.6	重要 Network	オラクル	-	Oracle E-Business Suite の Oracle iProcurement における Requisition Management に関する脆弱性	CWE-Other その他	CVE-2016-5562	2016-10-28 13:44	2016-10-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1211	5.9	MEDIUM Network	perldancer	dancer\	Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the proce… Update	CWE-338 CWE-340 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Generation of Predictable Numbers or Identifiers	CVE-2026-5080	2026-05-5 11:54	2026-04-30	Show	GitHub Exploit DB Packet Storm

1212	5.3	MEDIUM Network	asrmicro	asr1901_firmware asr1903_firmware	NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files sip/utils/src/s… Update	CWE-476 NULL Pointer Dereference	CVE-2026-42800	2026-05-5 11:54	2026-04-30	Show	GitHub Exploit DB Packet Storm

1213	9.8	CRITICAL Network	asrmicro	asr1803_firmware	Out-of-bounds read vulnerability in ASR Kestrel (nr_fw modules) allows Overflow Buffers. This vulnerability is associated with program files Code/Nr/nr_fw/RA/src/NrPwrCtrl.C. This issue affects … Update	CWE-125 Out-of-bounds Read	CVE-2026-42799	2026-05-5 11:53	2026-04-30	Show	GitHub Exploit DB Packet Storm

1214	9.8	CRITICAL Network	oppo	coloros_assistant	ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal. Update	CWE-23 CWE-22 Relative Path Traversal Path Traversal	CVE-2026-22070	2026-05-5 11:53	2026-04-30	Show	GitHub Exploit DB Packet Storm

1215	7.5	HIGH Network	4d	server	Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adja… Update	CWE-611 XXE	CVE-2024-39847	2026-05-5 11:51	2026-04-30	Show	GitHub Exploit DB Packet Storm

1216	9.8	CRITICAL Network	pylixm	django-mdeditor	All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary c… Update	CWE-306 Missing Authentication for Critical Function	CVE-2025-13030	2026-05-5 11:50	2026-04-30	Show	GitHub Exploit DB Packet Storm

1217	4.8	MEDIUM Network	gnu	wget2	wget2 accepts a server certificate with incorrect Key Usage (KU) or Extended Key Usage (EKU). If the attackers compromise a certificate (with the associated private key) issued for a different purpos… Update	CWE-20 Improper Input Validation	CVE-2026-1858	2026-05-5 11:47	2026-04-30	Show	GitHub Exploit DB Packet Storm

1218	9.8	CRITICAL Network	tenda	w3002r_firmware a302_firmware w309r_firmware	Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient se… Update	CWE-290 Authentication Bypass by Spoofing	CVE-2018-25317	2026-05-5 11:46	2026-04-30	Show	GitHub Exploit DB Packet Storm

1219	8.8	HIGH Network	geovision	gv-lpc2011_firmware gv-lpc2211_firmware	An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An… New	CWE-78 OS Command	CVE-2026-42364	2026-05-5 11:45	2026-05-4	Show	GitHub Exploit DB Packet Storm

1220	6.5	MEDIUM Network	geovision	gv-lpc2011_firmware gv-lpc2211_firmware	A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker … New	CWE-522 Insufficiently Protected Credentials	CVE-2026-42367	2026-05-5 11:45	2026-05-4	Show	GitHub Exploit DB Packet Storm