Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 12:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
199781	5.8	警告	アップルオラクル OpenBSD	-	OpenSSH の sshd における環境による制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-2532	2016-11-22 15:58	2014-03-16	Show	GitHub Exploit DB Packet Storm

199782	6.4	警告	Apache Software Foundation オラクル	-	Apache Tomcat の java/org/apache/coyote/http11/filters/ChunkedInputFilter.java における HTTP リクエストスマグリング攻撃を実行される脆弱性	CWE-Other その他	CVE-2014-0227	2016-11-22 15:58	2014-06-24	Show	GitHub Exploit DB Packet Storm

199783	4	警告	オラクル	-	Oracle MySQL の MySQL Server における Server : Optimizer に関する脆弱性	CWE-noinfo 情報不足	CVE-2015-0409	2016-11-22 15:57	2015-01-20	Show	GitHub Exploit DB Packet Storm

199784	5	警告	アップル日本電気 OpenSSL Project ヒューレット・パッカードオラクル	-	OpenSSL の crypto/asn1/a_type.c の ASN1_TYPE_cmp 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2015-0286	2016-11-22 15:56	2015-03-19	Show	GitHub Exploit DB Packet Storm

199785	10	危険	日本電気アップルサイバートラスト株式会社ヒューレット・パッカードオラクル GNU Project 日立	-	glibc ライブラリにバッファオーバーフローの脆弱性	CWE-119 CWE-Other	CVE-2015-0235	2016-11-22 15:56	2015-01-28	Show	GitHub Exploit DB Packet Storm

199786	5	警告	ヒューレット・パッカード日本電気日立オラクル NTP Project	-	NTP の ntpd の ntp_proto.c の receive 関数における意図しない関連付けの変更を誘発される脆弱性	CWE-Other その他	CVE-2014-9296	2016-11-22 15:56	2014-11-3	Show	GitHub Exploit DB Packet Storm

199787	7.5	危険	MySQL AB オラクル	-	Oracle MySQL の MySQL Server における Server : Security : Encryption に関する脆弱性	CWE-noinfo 情報不足	CVE-2015-0411	2016-11-22 15:55	2015-01-20	Show	GitHub Exploit DB Packet Storm

199788	4	警告	オラクル	-	Oracle MySQL の MySQL Server における Server : Optimizer に関する脆弱性	CWE-noinfo 情報不足	CVE-2015-0423	2016-11-22 15:51	2015-04-14	Show	GitHub Exploit DB Packet Storm

199789	5.9	警告 Network	日本電気 OpenSSL Project 日立オラクル	-	OpenSSL の ssl/s2_srvr.c における暗号保護メカニズムを破られる脆弱性	CWE-200 CWE-310 CWE-Other	CVE-2015-3197	2016-11-22 15:48	2015-12-31	Show	GitHub Exploit DB Packet Storm

199790	5.3	警告 Network	アップル OpenSSL Project ヒューレット・パッカード・エンタープライズオラクル	-	OpenSSL の crypto/asn1/tasn_dec.c の ASN1_TFLG_COMBINE の実装におけるプロセスメモリから重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2015-3195	2016-11-22 15:48	2015-12-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1811	7.5	HIGH Network	apple	ipados iphone_os macos tvos visionos watchos	This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watch…	CWE-284 Improper Access Control	CVE-2026-28974	2026-05-13 03:46	2026-05-12	Show	GitHub Exploit DB Packet Storm

1812	7.5	HIGH Network	apple	ipados iphone_os	A privacy issue was addressed with improved checks. This issue is fixed in iOS 26.5 and iPadOS 26.5. A user may be able to view restricted content from the lock screen.	CWE-284 Improper Access Control	CVE-2026-28965	2026-05-13 03:46	2026-05-12	Show	GitHub Exploit DB Packet Storm

1813	7.5	HIGH Network	apple	ipados iphone_os visionos	An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.5 and iPadOS 26.5, visionOS 26.5. An app may be able to access sensitive user data.	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-28964	2026-05-13 03:46	2026-05-12	Show	GitHub Exploit DB Packet Storm

1814	4.4	MEDIUM Local	anthropic	claude_sdk_for_typescript	Claude SDK for TypeScript provides access to the Claude API from server-side TypeScript or JavaScript applications. From version 0.79.0 to before version 0.91.1, the BetaLocalFilesystemMemoryTool in …	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-41686	2026-05-13 03:37	2026-05-5	Show	GitHub Exploit DB Packet Storm

1815	-		-	-	LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before …	CWE-522 Insufficiently Protected Credentials	CVE-2026-8368	2026-05-13 03:17	2026-05-13	Show	GitHub Exploit DB Packet Storm

1816	4.2	MEDIUM Network	-	-	WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/PayPalYPT/agreementCancel.json.php cancels a PayPal billing agreement using an attacker-supplied agreement p…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-43883	2026-05-13 03:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

1817	5.4	MEDIUM Network	-	-	WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/userSavePhoto.php is a legacy profile-photo endpoint that accepts a base64 POST parameter and writes the de…	CWE-352 Origin Validation Error	CVE-2026-43877	2026-05-13 03:17	2026-05-12	Show	GitHub Exploit DB Packet Storm

1818	7.3	HIGH Network	-	-	CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in its make_parquet_list.py data processing tool. The script l…	CWE-502 Deserialization of Untrusted Data	CVE-2026-31249	2026-05-13 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1819	7.5	HIGH Network	-	-	docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url.	CWE-22 Path Traversal	CVE-2025-65418	2026-05-13 03:16	2026-05-12	Show	GitHub Exploit DB Packet Storm

1820	5.5	MEDIUM Local	python	pillow	Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polyg…	CWE-122 Heap-based Buffer Overflow	CVE-2026-42309	2026-05-13 02:57	2026-05-9	Show	GitHub Exploit DB Packet Storm