Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201421 4.3 警告
Network 		Open-Xchange - Open-Xchange OX App Suite における任意のテキストメッセージを挿入される脆弱性 CWE-451
ユーザインターフェースにおける重要情報の誤った表示 		CVE-2016-4048 2016-12-28 11:38 2016-06-22 Show GitHub Exploit DB Packet Storm
201422 4.3 警告
Network 		Open-Xchange - Open-Xchange OX App Suite における操作された文書へのアクセスを追跡される脆弱性 CWE-200
CWE-611
CVE-2016-4047 2016-12-28 11:38 2016-06-22 Show GitHub Exploit DB Packet Storm
201423 5.8 警告
Network 		Open-Xchange - Open-Xchange OX App Suite の外部メールアカウントを構成する API におけるホストおよびサービスに関する情報を収集される脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2016-4046 2016-12-28 11:38 2016-06-22 Show GitHub Exploit DB Packet Storm
201424 6.1 警告
Network 		Open-Xchange - Open-Xchange OX App Suite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-4045 2016-12-28 11:38 2016-06-22 Show GitHub Exploit DB Packet Storm
201425 3.5
Network 		Open-Xchange - Open-Xchange OX AppSuite のフロントエンドにおけるユーザアカウントにアクセスされる脆弱性 CWE-200
情報漏えい 		CVE-2016-4027 2016-12-28 11:38 2016-06-20 Show GitHub Exploit DB Packet Storm
201426 6.1 警告
Network 		Open-Xchange - Open-Xchange OX AppSuite の content sanitizer コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-4026 2016-12-28 11:38 2016-05-10 Show GitHub Exploit DB Packet Storm
201427 5.4 警告
Network 		Open-Xchange - Open-Xchange OX AppSuite の Portal のタイルのラベルにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-3173 2016-12-28 11:38 2016-03-29 Show GitHub Exploit DB Packet Storm
201428 6.1 警告
Network 		Open-Xchange - Open-Xchange OX Guard におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-6854 2016-12-27 17:35 2016-09-13 Show GitHub Exploit DB Packet Storm
201429 6.1 警告
Network 		Open-Xchange - Open-Xchange OX Guard におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-6853 2016-12-27 17:35 2016-09-13 Show GitHub Exploit DB Packet Storm
201430 6.1 警告
Network 		Open-Xchange - Open-Xchange OX Guard におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-6851 2016-12-27 17:35 2016-09-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2741 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. - CVE-2026-9818 2026-05-29 02:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2742 6.3 MEDIUM
Network 		- - A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the arg… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-9531 2026-05-29 02:16 2026-05-26 Show GitHub Exploit DB Packet Storm
2743 8.8 HIGH
Network 		- - A vulnerability has been found in Edimax EW-7438RPn 1.31. This impacts the function formSDHCP of the file /goform/formSDHCP. Such manipulation of the argument submit-url leads to stack-based buffer o… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-9482 2026-05-29 02:16 2026-05-26 Show GitHub Exploit DB Packet Storm
2744 7.5 HIGH
Network 		- - Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.get_resource() method in taipy/gui/extension/library.py that allows unauthenticated attackers to es… CWE-22
Path Traversal 		CVE-2026-48544 2026-05-29 02:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2745 6.5 MEDIUM
Network 		- - OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the … CWE-89
SQL Injection 		CVE-2026-38930 2026-05-29 02:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2746 7.3 HIGH
Network 		- - An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/class/commonobject.class.php. CWE-94
Code Injection 		CVE-2026-37713 2026-05-29 02:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2747 7.3 HIGH
Network 		- - An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/cron/class/cronjob.class.php, call_user_func_array() in fun… CWE-94
Code Injection 		CVE-2026-37712 2026-05-29 02:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2748 5.5 MEDIUM
Local 		libusb libusb libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface cla… CWE-125
Out-of-bounds Read 		CVE-2026-23679 2026-05-29 02:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2749 5.5 MEDIUM
Local 		- - SpSoft AppLock (com.sp.protector.free) 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mec… CWE-285
CWE-287
Improper Authorization
Improper Authentication 		CVE-2025-68712 2026-05-29 02:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2750 6.6 MEDIUM
Network 		jenkins active_directory Jenkins Active Directory Plugin 2.41 and earlier deserializes data from LDAP referrals without validation. CWE-502
 Deserialization of Untrusted Data 		CVE-2026-48919 2026-05-29 02:14 2026-05-28 Show GitHub Exploit DB Packet Storm