Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203291 7.8 重要
Local 		AVAST Software s.r.o. - 複数の Avast 製品の Avast 仮想化ドライバにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-8620 2016-04-18 15:30 2015-12-23 Show GitHub Exploit DB Packet Storm
203292 6.5 警告
Local 		Fabrice Bellard - QEMU の net/checksum.c の net_checksum_calculate 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-2857 2016-04-18 15:10 2016-03-8 Show GitHub Exploit DB Packet Storm
203293 5.9 警告
Network 		Fabrice Bellard - QEMU の hw/scsi/scsi-bus.c におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-5158 2016-04-18 15:10 2015-07-22 Show GitHub Exploit DB Packet Storm
203294 4.3 警告
Network 		Atlassian - Atlassian Confluence における設定ファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2015-8399 2016-04-18 14:52 2015-11-19 Show GitHub Exploit DB Packet Storm
203295 8.8 重要
Network 		Debian
OAR project		 - OAR の oarsh スクリプトにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-1235 2016-04-18 14:52 2016-03-31 Show GitHub Exploit DB Packet Storm
203296 5.3 警告
Network 		Google
レッドハット		 - Kubernetes における任意の pod ログが読まれる脆弱性 CWE-200
情報漏えい 		CVE-2015-7528 2016-04-18 14:47 2015-12-3 Show GitHub Exploit DB Packet Storm
203297 6.1 警告
Network 		フォーティネット - FortiOS の Web ユーザインターフェースにおけるユーザを任意の Web サイトにリダイレクトされる脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-3978 2016-04-18 14:45 2016-03-16 Show GitHub Exploit DB Packet Storm
203298 9.8 緊急
Network 		アドビシステムズ
Google		 - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-1021 2016-04-15 18:17 2016-04-7 Show GitHub Exploit DB Packet Storm
203299 9.8 緊急
Network 		アドビシステムズ
Google		 - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2016-1020 2016-04-15 18:17 2016-04-7 Show GitHub Exploit DB Packet Storm
203300 8.8 重要
Network 		マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-1018 2016-04-15 18:17 2016-04-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
281 5.4 MEDIUM
Network 		traccar traccar Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the KML and GPX export functionality writes device names to XML output without proper … Update CWE-91
Blind XPath Injection 		CVE-2026-27693 2026-05-9 05:04 2026-05-5 Show GitHub Exploit DB Packet Storm
282 5.4 MEDIUM
Network 		traccar traccar Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the email notification templates insert user-controlled device, geofence, and driver n… Update CWE-79
Cross-site Scripting 		CVE-2026-27694 2026-05-9 05:03 2026-05-5 Show GitHub Exploit DB Packet Storm
283 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ceph: supply snapshot context in ceph_zero_partial_object() The ceph_zero_partial_object function was missing proper snapshot con… Update NVD-CWE-noinfo
CVE-2026-43273 2026-05-9 05:01 2026-05-6 Show GitHub Exploit DB Packet Storm
284 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix possible dereference of uninitialized pointer There is a pointer head_page in rb_meta_validate_events() which is… Update CWE-476
 NULL Pointer Dereference 		CVE-2026-43272 2026-05-9 05:00 2026-05-6 Show GitHub Exploit DB Packet Storm
285 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() In mtk_mdp_probe(), vpu_get_plat_device() increases the reference co… Update NVD-CWE-Other
CVE-2026-43270 2026-05-9 05:00 2026-05-6 Show GitHub Exploit DB Packet Storm
286 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in process_metadata_update The function process_metadata_update() blindly dereferences t… Update CWE-476
 NULL Pointer Dereference 		CVE-2026-43271 2026-05-9 05:00 2026-05-6 Show GitHub Exploit DB Packet Storm
287 4.6 MEDIUM
Network 		openc3 cosmos OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0, the Command Sender UI uses an unsafe eval() function on… Update CWE-79
Cross-site Scripting 		CVE-2026-42086 2026-05-9 04:54 2026-05-5 Show GitHub Exploit DB Packet Storm
288 4.3 MEDIUM
Network 		openc3 cosmos OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, OpenC3 COSMOS contains a design flaw in… Update CWE-23
 Relative Path Traversal 		CVE-2026-42085 2026-05-9 04:54 2026-05-5 Show GitHub Exploit DB Packet Storm
289 8.1 HIGH
Network 		openc3 cosmos OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionalit… Update CWE-620
 Unverified Password Change 		CVE-2026-42084 2026-05-9 04:54 2026-05-5 Show GitHub Exploit DB Packet Storm
290 9.6 CRITICAL
Network 		openc3 cosmos OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before version 7.0.0-rc3, a SQL injection vulnerability e… Update CWE-89
SQL Injection 		CVE-2026-42087 2026-05-9 04:53 2026-05-5 Show GitHub Exploit DB Packet Storm