Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
203401 9.1 緊急
Network 		アドビシステムズ - Adobe Creative Cloud デスクトップアプリケーションにおける任意のファイルを読み書きされる脆弱性 CWE-noinfo
情報不足 		CVE-2016-1034 2016-04-21 10:16 2016-04-12 Show GitHub Exploit DB Packet Storm
203402 7.4 重要
Local 		Foxit Software Inc - Foxit Reader の Foxit クラウドアップデートサービスにおける権限を取得される脆弱性 CWE-119
バッファエラー 		CVE-2015-8843 2016-04-20 17:56 2015-10-8 Show GitHub Exploit DB Packet Storm
203403 6.5 警告
Network 		Debian
LibTIFF		 - LibTIFF の tif_next.c の NeXTDecode 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2015-8784 2016-04-20 17:08 2015-12-27 Show GitHub Exploit DB Packet Storm
203404 7.5 重要
Network 		Drupal
Debian		 - Drupal の XML-RPC システムにおける総当たり攻撃を実行される脆弱性 CWE-Other
その他 		CVE-2016-3163 2016-04-20 17:07 2016-02-24 Show GitHub Exploit DB Packet Storm
203405 5.4 警告
Network 		Four Kitchens - Drupal 用 Block Class モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-3144 2016-04-20 17:07 2016-04-15 Show GitHub Exploit DB Packet Storm
203406 9.8 緊急
Network 		Linux Foundation
レッドハット		 - foomatic-filters の foomatic-rip の unhtmlify 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-5325 2016-04-20 16:55 2010-08-27 Show GitHub Exploit DB Packet Storm
203407 9.8 緊急
Network 		openSUSE project - openSUSE および Leap の obs-service-extract_file パッケージにおける任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2016-4007 2016-04-20 16:40 2016-02-20 Show GitHub Exploit DB Packet Storm
203408 8.8 重要
Network 		Apache Software Foundation - Apache Ranger における親リソースレベルのアクセスの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-0735 2016-04-20 16:19 2016-03-28 Show GitHub Exploit DB Packet Storm
203409 9.8 緊急
Network 		Apache Software Foundation - Apache Ranger の Admin UI における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2016-0733 2016-04-20 16:19 2016-02-5 Show GitHub Exploit DB Packet Storm
203410 8.1 重要
Network 		シトリックス・システムズ - Citrix Command Center の Administration Web UI サーブレットにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-7999 2016-04-20 16:18 2015-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
691 7.8 HIGH
Local 		- - libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows an attacker to cause a controlled heap out-of-boun… New CWE-122
CWE-190
CWE-787
Heap-based Buffer Overflow
 Integer Overflow or Wraparound
 Out-of-bounds Write 		CVE-2026-42046 2026-05-12 23:17 2026-05-12 Show GitHub Exploit DB Packet Storm
692 7.3 HIGH
Network 		- - An issue in QuickJS-NG v.0.12.1 allows an attacker to execute arbitrary code via the js_mapped_arguments_mark function New CWE-94
Code Injection 		CVE-2026-37630 2026-05-12 23:17 2026-05-12 Show GitHub Exploit DB Packet Storm
693 8.8 HIGH
Network 		- - EDIMAX BR-6428nS V3 1.15 is vulnerable to Command Injection. An authenticated attacker with access to the network can submit crafted input to the WLAN configuration functionality. Due to insufficient… New CWE-77
Command Injection 		CVE-2026-36734 2026-05-12 23:17 2026-05-12 Show GitHub Exploit DB Packet Storm
694 8.1 HIGH
Network 		- - Command injection vulnerability in automagik-genie 2.5.27 MCP Server allows attackers to execute arbitrary commands via the view_task (aka view) in the readTranscriptFromCommit function in dist/mcp/s… New CWE-78
OS Command  		CVE-2026-30635 2026-05-12 23:17 2026-05-12 Show GitHub Exploit DB Packet Storm
695 7.5 HIGH
Network 		- - A vulnerability in the `_create_model_version()` handler of `mlflow/server/handlers.py` in mlflow/mlflow versions 3.9.0 and earlier allows an unauthenticated remote attacker to read arbitrary files f… New CWE-22
Path Traversal 		CVE-2026-2614 2026-05-12 23:17 2026-05-12 Show GitHub Exploit DB Packet Storm
696 - - - Reserved. Details will be published at disclosure. New - CVE-2026-45391 2026-05-12 23:16 2026-05-12 Show GitHub Exploit DB Packet Storm
697 - - - Reserved. Details will be published at disclosure. New - CVE-2026-45392 2026-05-12 23:16 2026-05-12 Show GitHub Exploit DB Packet Storm
698 - - - Reserved. Details will be published at disclosure. New - CVE-2026-45393 2026-05-12 23:16 2026-05-12 Show GitHub Exploit DB Packet Storm
699 - - - dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-co… New - CVE-2026-2291 2026-05-12 23:15 2026-05-12 Show GitHub Exploit DB Packet Storm
700 - - - Wellbia's XIGNCODE3 xhunter1.sys kernel driver Privilege Escalation Vulnerability provides access to IRP_MJ_REITS command interface, which allows any user process to request a PROCESS_ALL_ACCESS. Cr… New - CVE-2026-3609 2026-05-12 23:15 2026-05-12 Show GitHub Exploit DB Packet Storm