Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202781	3.5	注意	IBM	-	IBM InfoSphere Master Data Management の Reference Data Management におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-7492	2016-02-29 10:53	2015-09-29	Show	GitHub Exploit DB Packet Storm

202782	3.5	注意	IBM	-	IBM Emptoris Contract Management におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-7398	2016-02-29 10:53	2015-09-29	Show	GitHub Exploit DB Packet Storm

202783	6.8	警告	IBM	-	IBM Emptoris Contract Management におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2015-5050	2016-02-29 10:53	2015-06-24	Show	GitHub Exploit DB Packet Storm

202784	3.5	注意	IBM	-	IBM Security QRadar SIEM の Web UI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-4957	2016-02-29 10:52	2015-06-24	Show	GitHub Exploit DB Packet Storm

202785	6.8	警告	アップル Henry Spencer	-	Henry Spencer の正規表現 (regex) ライブラリにバッファオーバーフローの脆弱性	CWE-189 CWE-Other	CVE-2015-2305	2016-02-26 17:55	2015-02-13	Show	GitHub Exploit DB Packet Storm

202786	9.3	危険	日立	-	JP1/Cm2/Network Node Manager i における複数の脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2016-02-26 17:51	2014-12-12	Show	GitHub Exploit DB Packet Storm

202787	9.3	危険	日立	-	JP1/Cm2/Network Node Manager i における複数のバッファオーバーフローの脆弱性	CWE-noinfo 情報不足	-	2016-02-26 17:28	2014-12-12	Show	GitHub Exploit DB Packet Storm

202788	10	危険	Linux	-	Linux Kernel の net/netfilter/nf_nat_redirect.c の nf_nat_redirect_ipv4 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2015-8787	2016-02-26 16:34	2015-10-27	Show	GitHub Exploit DB Packet Storm

202789	4.9	警告	Linux	-	Linux Kernel の fs/fuse/file.c の fuse_fill_write_pages 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2015-8785	2016-02-26 16:34	2015-10-12	Show	GitHub Exploit DB Packet Storm

202790	6.9	警告	Linux	-	Linux Kernel の kernel/ptrace.c における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-8709	2016-02-26 16:34	2015-12-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
301	5.3	MEDIUM Network	-	-	A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. … New	CWE-476 NULL Pointer Dereference	CVE-2026-33007	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

302	-		-	-	A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes th… New	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-33006	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

303	7.5	HIGH Network	-	-	Easy PayPal Events & Tickets plugin for WordPress version 1.3 and earlier contain a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated rem… New	CWE-798 Use of Hard-coded Credentials	CVE-2026-32834	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

304	-		-	-	Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid… New	-	CVE-2026-2828	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

305	8.1	HIGH Adjacent	-	-	BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler in networking/udhcp/d6_dhcpc.c that allows network-adjacent attac… New	CWE-122 Heap-based Buffer Overflow	CVE-2026-29004	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

306	-		-	-	An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgra… New	CWE-269 Improper Privilege Management	CVE-2026-24072	2026-05-5 03:16	2026-05-4	Show	GitHub Exploit DB Packet Storm

307	8.8	HIGH Network	-	-	Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which f… New	CWE-415 Double Free	CVE-2026-23918	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

308	-		-	-	In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution as… New	-	CVE-2026-0073	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

309	5.9	MEDIUM Network	-	-	An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray() New	CWE-400 CWE-770 Uncontrolled Resource Consumption Allocation of Resources Without Limits or Throttling	CVE-2025-70071	2026-05-5 03:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

310	7.5	HIGH Network	-	-	An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp and ConvertMeshMultiMaterial() method New	CWE-400 CWE-770 Uncontrolled Resource Consumption Allocation of Resources Without Limits or Throttling	CVE-2025-70069	2026-05-5 03:16	2026-05-4	Show	GitHub Exploit DB Packet Storm