Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
199741 9.8 緊急
Network 		ImageMagick - ImageMagick の MagickCore/draw.c の DrawImage 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-4564 2016-11-16 17:19 2016-05-6 Show GitHub Exploit DB Packet Storm
199742 8.8 重要
Network 		ImageMagick - ImageMagick の MagickCore/draw.c の TraceStrokePolygon 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-4563 2016-11-16 17:19 2016-05-6 Show GitHub Exploit DB Packet Storm
199743 8.8 重要
Network 		ImageMagick - ImageMagick の MagickCore/draw.c の DrawDashPolygon 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-4562 2016-11-16 17:19 2016-05-6 Show GitHub Exploit DB Packet Storm
199744 6.8 警告 Debian
openSUSE project
Google		 - Google Chrome の Developer Tools サブシステムにおけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-1627 2016-11-16 16:32 2016-02-9 Show GitHub Exploit DB Packet Storm
199745 6.8 警告 Debian
openSUSE project
Google		 - Google Chrome で使用される Brotli の dec/decode.c の ProcessCommandsInternal 関数における整数アンダーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-1624 2016-11-16 16:32 2016-02-9 Show GitHub Exploit DB Packet Storm
199746 4.3 警告 Debian
openSUSE project
Google		 - Google Chrome の PDFium で使用される OpenJPEG の pi.c の opj_pi_update_decode_poc 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-1626 2016-11-16 16:32 2016-02-9 Show GitHub Exploit DB Packet Storm
199747 5.5 警告
Local 		Linux
オラクル		 - Linux Kernel のファイルシステムレイヤにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2016-6198 2016-11-16 16:10 2016-05-18 Show GitHub Exploit DB Packet Storm
199748 5.5 警告
Local 		Linux
オラクル		 - Linux Kernel の OverlayFS ファイルシステムの実装の fs/overlayfs/dir.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-6197 2016-11-16 16:09 2016-03-21 Show GitHub Exploit DB Packet Storm
199749 8.8 重要
Network 		シトリックス・システムズ
Xen プロジェクト		 - Xen の arch/x86/mm.c の PV のページテーブルのコードにおけるホスト OS の権限を取得される脆弱性 CWE-Other
その他 		CVE-2016-6258 2016-11-16 16:09 2015-07-26 Show GitHub Exploit DB Packet Storm
199750 8.8 重要
Network 		アップル
Debian
Canonical		 - 複数の Apple 製品で使用される libxml2 の xmlStrncat 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-1834 2016-11-16 16:04 2016-05-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1571 6.4 MEDIUM
Network 		- - AccessPress Social Icons 1.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering JavaScript payloads into the 'icon titl… CWE-79
Cross-site Scripting 		CVE-2021-47910 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1572 6.4 MEDIUM
Network 		- - Slider by Soliloquy 2.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the title parameter. Attackers can add JavaScrip… CWE-79
Cross-site Scripting 		CVE-2021-47922 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1573 9.8 CRITICAL
Network 		- - OpenCart 3.0.3.8 contains a session fixation vulnerability that allows attackers to hijack user sessions by injecting arbitrary values into the OCSESSID cookie. Attackers can set malicious OCSESSID c… CWE-290
 Authentication Bypass by Spoofing 		CVE-2021-47923 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1574 6.4 MEDIUM
Network 		- - Ultimate Product Catalog 5.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the price parameter. Attackers can submit P… CWE-79
Cross-site Scripting 		CVE-2021-47924 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1575 6.4 MEDIUM
Network 		- - CMDBuild 3.3.2 contains multiple stored cross-site scripting vulnerabilities that allow authenticated attackers to inject arbitrary web script or HTML via crafted input in card creation and file uplo… CWE-79
Cross-site Scripting 		CVE-2021-47925 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1576 6.4 MEDIUM
Network 		- - Contact Form to Email 1.3.24 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by creating forms with script tags in the form name f… CWE-79
Cross-site Scripting 		CVE-2021-47926 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1577 6.4 MEDIUM
Network 		- - WordPress Plugin WP Symposium Pro 2021.10 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by exploiting insufficient sanitization … CWE-79
Cross-site Scripting 		CVE-2021-47927 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1578 8.2 HIGH
Network 		- - Opencart TMD Vendor System 3.x contains a blind SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the product_id paramete… CWE-89
SQL Injection 		CVE-2021-47928 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1579 9.8 CRITICAL
Network 		- - WordPress TheCartPress 1.5.3.6 contains an unauthenticated privilege escalation vulnerability that allows attackers to create administrator accounts by submitting crafted requests to the AJAX handler… CWE-862
 Missing Authorization 		CVE-2021-47932 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm
1580 9.8 CRITICAL
Network 		- - WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers… CWE-306
Missing Authentication for Critical Function 		CVE-2021-47933 2026-05-12 23:24 2026-05-10 Show GitHub Exploit DB Packet Storm