Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198771 5.9 警告
Network 		Google - Android の GPS コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-5348 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
198772 7.8 重要
Local 		Google - Nexus 6P および Android One デバイス上で稼動する Android の Synaptics タッチスクリーンドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3940 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
198773 7.8 重要
Local 		Google - 複数の Nexus および Android One デバイス上で稼動する Android の Qualcomm ビデオドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3939 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
198774 7.8 重要
Local 		Google - 複数の Nexus および Android One デバイス上で稼動する Android の Qualcomm ビデオドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3938 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
198775 7.8 重要
Local 		Google - Android の MediaTek ビデオドライバにおける権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-3937 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
198776 7.8 重要
Local 		Google - Android の MediaTek ビデオドライバにおける権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-3936 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
198777 7.8 重要
Local 		Google - 複数の Nexus および Android One デバイス上で稼動する Android の Qualcomm カメラドライバにおける権限を取得される脆弱性 CWE-119
バッファエラー 		CVE-2016-3934 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
198778 7.8 重要
Local 		Google - Nexus 9 および Pixel C デバイス上で稼動する Android のメディアサーバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3933 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
198779 7.8 重要
Local 		Google - Android のメディアサーバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3932 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
198780 7.8 重要
Local 		Google - 複数の Nexus および Android One デバイス上で稼動する Android の Qualcomm QSEE Communicator ドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-3931 2016-10-14 11:50 2016-10-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
391 8.8 HIGH
Network 		tenda hg3_firmware A vulnerability was determined in Tenda HG3 2.0. This vulnerability affects the function formTracert of the file /boaform/formTracert. Executing a manipulation of the argument datasize can lead to co… Update CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-7160 2026-05-1 03:23 2026-04-28 Show GitHub Exploit DB Packet Storm
392 8.8 HIGH
Network 		tenda hg3_firmware A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6Routing. This manipulation of the argument destNet causes stack-based buffer ov… Update CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-7151 2026-05-1 03:22 2026-04-28 Show GitHub Exploit DB Packet Storm
393 8.8 HIGH
Network 		tenda hg3_firmware A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknown function of the file /boaform/formCountrystr. The manipulation of the argument countrystr results in os command injec… Update CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-7119 2026-05-1 03:22 2026-04-27 Show GitHub Exploit DB Packet Storm
394 6.1 MEDIUM
Adjacent 		- - A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-sco… New CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2026-7163 2026-05-1 03:16 2026-04-30 Show GitHub Exploit DB Packet Storm
395 6.5 MEDIUM
Adjacent 		- - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An att… Update CWE-843
Type Confusion 		CVE-2026-6732 2026-05-1 03:16 2026-04-24 Show GitHub Exploit DB Packet Storm
396 6.5 MEDIUM
Network 		- - Improper access control in the vault documentation feature in Devolutions Server allows an authenticated attacker to read documentation content from unauthorized vaults via a crafted API request. … Update CWE-862
 Missing Authorization 		CVE-2026-6706 2026-05-1 03:16 2026-04-28 Show GitHub Exploit DB Packet Storm
397 6.5 MEDIUM
Network 		- - A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constrai… New CWE-178
 Improper Handling of Case Sensitivity 		CVE-2026-3833 2026-05-1 03:16 2026-05-1 Show GitHub Exploit DB Packet Storm
398 3.7 LOW
Network 		- - A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a lo… New CWE-179
 Incorrect Behavior Order: Early Validation 		CVE-2026-3832 2026-05-1 03:16 2026-05-1 Show GitHub Exploit DB Packet Storm
399 6.1 MEDIUM
Network 		- - Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detail_produk.php component New CWE-79
Cross-site Scripting 		CVE-2026-38940 2026-05-1 03:16 2026-05-1 Show GitHub Exploit DB Packet Storm
400 6.1 MEDIUM
Network 		- - Cross Site Scripting vulnerability in andrewtch88 mvc-ecommerce v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the product_catalogue.php component New CWE-79
Cross-site Scripting 		CVE-2026-38939 2026-05-1 03:16 2026-05-1 Show GitHub Exploit DB Packet Storm