Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202471	9	危険	シスコシステムズ	-	Cisco Application Control Engine の Device Manager GUI における RBAC 制限を回避される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2016-1297	2016-03-18 18:22	2016-02-24	Show	GitHub Exploit DB Packet Storm

202472	7.8	危険	シスコシステムズ	-	複数の Cisco Nexus デバイスおよび Unified Computing System 上で稼動する Cisco NX-OS におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2015-0718	2016-03-18 18:22	2015-01-7	Show	GitHub Exploit DB Packet Storm

202473	5	警告	Swann	-	Swann SRNVW-470LCD および SWNVW-470CAM デバイスのファームウェアにおけるライブ映像を閲覧される脆弱性	CWE-Other その他	CVE-2015-8287	2016-03-18 17:54	2015-11-19	Show	GitHub Exploit DB Packet Storm

202474	3.5	注意	IBM	-	IBM Maximo Asset Management におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-0262	2016-03-18 15:51	2016-02-26	Show	GitHub Exploit DB Packet Storm

202475	4	警告	IBM	-	IBM Maximo Asset Management におけるアクセス制限を回避される脆弱性	CWE-Other その他	CVE-2016-0222	2016-03-18 15:51	2016-02-26	Show	GitHub Exploit DB Packet Storm

202476	4.3	警告	IBM	-	IBM WebSphere Commerce におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2016-0208	2016-03-18 15:51	2016-03-7	Show	GitHub Exploit DB Packet Storm

202477	6.8	警告	IBM	-	IBM FlashSystem V9000 におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2015-7446	2016-03-18 15:18	2015-09-29	Show	GitHub Exploit DB Packet Storm

202478	5	警告	Debian Canonical Novell Igor Sysoev	-	nginx のリゾルバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2016-0747	2016-03-18 14:52	2016-01-26	Show	GitHub Exploit DB Packet Storm

202479	6.8	警告	The WebRTC project Mozilla Foundation	-	Windows 上で稼動する Mozilla Firefox の WebRTC の実装の DesktopDisplayDevice クラスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2016-1976	2016-03-18 14:12	2016-03-8	Show	GitHub Exploit DB Packet Storm

202480	6.8	警告	The WebRTC project Mozilla Foundation	-	Windows 上で稼動する Mozilla Firefox の WebRTC の実装の dom/media/systemservices/CamerasChild.cpp におけるサービス運用妨害 (DoS) の脆弱性	CWE-362 競合状態	CVE-2016-1975	2016-03-18 14:12	2016-03-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
781	7.5	HIGH Network	4d	server	Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adja… Update	CWE-611 XXE	CVE-2024-39847	2026-05-5 11:51	2026-04-30	Show	GitHub Exploit DB Packet Storm

782	9.8	CRITICAL Network	pylixm	django-mdeditor	All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary c… Update	CWE-306 Missing Authentication for Critical Function	CVE-2025-13030	2026-05-5 11:50	2026-04-30	Show	GitHub Exploit DB Packet Storm

783	4.8	MEDIUM Network	gnu	wget2	wget2 accepts a server certificate with incorrect Key Usage (KU) or Extended Key Usage (EKU). If the attackers compromise a certificate (with the associated private key) issued for a different purpos… Update	CWE-20 Improper Input Validation	CVE-2026-1858	2026-05-5 11:47	2026-04-30	Show	GitHub Exploit DB Packet Storm

784	9.8	CRITICAL Network	tenda	w3002r_firmware a302_firmware w309r_firmware	Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient se… Update	CWE-290 Authentication Bypass by Spoofing	CVE-2018-25317	2026-05-5 11:46	2026-04-30	Show	GitHub Exploit DB Packet Storm

785	8.8	HIGH Network	geovision	gv-lpc2011_firmware gv-lpc2211_firmware	An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An… New	CWE-78 OS Command	CVE-2026-42364	2026-05-5 11:45	2026-05-4	Show	GitHub Exploit DB Packet Storm

786	6.5	MEDIUM Network	geovision	gv-lpc2011_firmware gv-lpc2211_firmware	A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker … New	CWE-522 Insufficiently Protected Credentials	CVE-2026-42367	2026-05-5 11:45	2026-05-4	Show	GitHub Exploit DB Packet Storm

787	7.5	HIGH Network	geovision	gv-lpc2011_firmware gv-lpc2211_firmware	A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypas. … New	CWE-341 Predictable from Observable State	CVE-2026-42365	2026-05-5 11:44	2026-05-4	Show	GitHub Exploit DB Packet Storm

788	6.1	MEDIUM Network	geovision	gv-lpc2011_firmware gv-lpc2211_firmware	Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an ar… New	CWE-79 Cross-site Scripting	CVE-2026-42366	2026-05-5 11:43	2026-05-4	Show	GitHub Exploit DB Packet Storm

789	9.9	CRITICAL Network	geovision	gv-lpc2011_firmware gv-lpc2211_firmware	A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attack… New	CWE-266 Incorrect Privilege Assignment	CVE-2026-42368	2026-05-5 11:43	2026-05-4	Show	GitHub Exploit DB Packet Storm

790	9.8	CRITICAL Network	geovision	gv-vms_firmware	A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker ca… New	CWE-787 Out-of-bounds Write	CVE-2026-42370	2026-05-5 11:42	2026-05-4	Show	GitHub Exploit DB Packet Storm