Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
202831	4.4	警告 Local	Linux Debian Xen プロジェクト Canonical	-	Xen の PCI バックエンドドライバにおける WARN メッセージの連続ストリームを生成される脆弱性	CWE-20 不適切な入力確認	CVE-2015-8552	2016-04-20 11:46	2015-12-17	Show	GitHub Exploit DB Packet Storm

202832	5.3	警告 Local	Linux Debian Xen プロジェクト Canonical	-	Xen の PCI バックエンドドライバにおける BUG 条件にヒットされる脆弱性	CWE-Other その他	CVE-2015-8551	2016-04-20 11:46	2015-12-17	Show	GitHub Exploit DB Packet Storm

202833	4.3	警告 Network	OpenStack	-	OpenStack Image Service におけるイメージのステータスを変更される脆弱性	CWE-Other その他	CVE-2016-0757	2016-04-20 11:42	2016-02-3	Show	GitHub Exploit DB Packet Storm

202834	6.3	警告 Network	シャープ株式会社	-	EVAアニメータ用 ActiveX コントロールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-1176	2016-04-20 09:38	2016-04-4	Show	GitHub Exploit DB Packet Storm

202835	7.8	重要 Local	NVIDIA	-	Windows 上で稼動する NVIDIA GPU グラフィックドライバのカーネルモードドライバレイヤの Escape インターフェースにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-2556	2016-04-19 18:11	2016-03-14	Show	GitHub Exploit DB Packet Storm

202836	7.5	重要 Network	ジュニパーネットワークス	-	Juniper ScreenOS の管理 Web サービスインターフェースにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-1268	2016-04-19 18:04	2016-04-13	Show	GitHub Exploit DB Packet Storm

202837	5.9	警告 Network	F5 Networks	-	F5 BIG-IP APM および BIG-IP Edge Gateway の Single Sign-On 機能における重要な SessionId 情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-3686	2016-04-19 17:52	2016-04-9	Show	GitHub Exploit DB Packet Storm

202838	7.5	重要 Network	xmlsoft.org	-	libxml2 の dict.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2015-8806	2016-04-19 17:51	2015-05-8	Show	GitHub Exploit DB Packet Storm

202839	5.3	警告 Network	シスコシステムズ	-	Cisco Catalyst スイッチ上で稼動する Cisco IOS における重要なソフトウェアバージョン情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-1378	2016-04-19 17:45	2016-04-13	Show	GitHub Exploit DB Packet Storm

202840	5.3	警告 Network	シスコシステムズ	-	Cisco ASR 9000 デバイス上で稼動する Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-1376	2016-04-19 17:45	2016-04-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
861	3.5	LOW Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentio… Update	CWE-1230 Exposure of Sensitive Information Through Metadata	CVE-2025-31959	2026-05-8 01:35	2026-05-7	Show	GitHub Exploit DB Packet Storm

862	5.3	MEDIUM Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially a… Update	CWE-200 Information Exposure	CVE-2025-31975	2026-05-8 01:33	2026-05-7	Show	GitHub Exploit DB Packet Storm

863	7.5	HIGH Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to… Update	CWE-200 CWE-522 Information Exposure Insufficiently Protected Credentials	CVE-2025-31976	2026-05-8 01:30	2026-05-7	Show	GitHub Exploit DB Packet Storm

864	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe ("usb: gadget: uvc: allow for application t… Update	CWE-476 NULL Pointer Dereference	CVE-2026-31726	2026-05-8 01:26	2026-05-2	Show	GitHub Exploit DB Packet Storm

865	4.6	MEDIUM Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) does not adequately sanitize or safely render spreadsheet files (CSV, XLS, XLSX) before processing or distributing them. An attacker could populate data fields whic… Update	CWE-201 Insertion of Sensitive Information Into Sent Data	CVE-2025-31978	2026-05-8 01:26	2026-05-7	Show	GitHub Exploit DB Packet Storm

866	5.4	MEDIUM Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, p… Update	CWE-200 Information Exposure	CVE-2025-31984	2026-05-8 01:25	2026-05-7	Show	GitHub Exploit DB Packet Storm

867	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_ether: Fix NULL pointer deref in eth_get_drvinfo Commit ec35c1969650 ("usb: gadget: f_ncm: Fix net_device lifecycl… Update	CWE-476 NULL Pointer Dereference	CVE-2026-31727	2026-05-8 01:20	2026-05-2	Show	GitHub Exploit DB Packet Storm

868	6.8	MEDIUM Network	-	-	Admidio is an open-source user management solution. Prior to version 5.0.9, the incomplete SSRF fix in Admidio's fetch_metadata.php validates the resolved IP address but passes the original hostname-… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42194	2026-05-8 01:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

869	6.0	MEDIUM Network	-	-	Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the webhook notification feature reuses an administrator-configured local-target allowlist for ever… New	CWE-863 CWE-918 Incorrect Authorization Server-Side Request Forgery (SSRF)	CVE-2026-41689	2026-05-8 01:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

870	4.3	MEDIUM Network	-	-	Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php (line 42) and endpoints/payments/add.php (line 40)… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-41687	2026-05-8 01:16	2026-05-8	Show	GitHub Exploit DB Packet Storm