Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
206371 6.9 警告 セイコーエプソン株式会社 - EPSON Network Utility に権限昇格の脆弱性 CWE-264
CWE-Other
CVE-2015-6034 2015-12-22 10:40 2015-10-27 Show GitHub Exploit DB Packet Storm
206372 9.3 危険 マイクロソフト - Microsoft Windows Server 2008 および 2012 の DNS サーバにおける任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2015-6125 2015-12-22 10:20 2015-12-8 Show GitHub Exploit DB Packet Storm
206373 4.3 警告 Apache Software Foundation - Apache Cordova プラグイン cordova-plugin-file-transfer における HTTP ヘッダインジェクションの脆弱性 CWE-20
不適切な入力確認 		CVE-2015-5204 2015-12-21 17:45 2015-09-29 Show GitHub Exploit DB Packet Storm
206374 3.5 注意 Token Insert Entity project - Drupal 用 Token Insert Entity モジュールにおけるアクセス制限を回避される脆弱性 CWE-200
情報漏えい 		CVE-2015-8602 2015-12-21 17:41 2015-12-2 Show GitHub Exploit DB Packet Storm
206375 5 警告 Chat Room project - Drupal 用 Chat Room モジュールにおけるアクセス制限を回避される脆弱性 CWE-200
情報漏えい 		CVE-2015-8601 2015-12-21 17:41 2015-12-2 Show GitHub Exploit DB Packet Storm
206376 7.5 危険 Canonical
Linux Foundation		 - Foomatic の foomatic-filters および cups-filters の foomatic-rip の util.c における任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2015-8327 2015-12-21 17:25 2015-10-30 Show GitHub Exploit DB Packet Storm
206377 5 警告 シスコシステムズ - Cisco Model DPQ3925 with EDVA デバイスにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-6428 2015-12-21 16:55 2015-12-17 Show GitHub Exploit DB Packet Storm
206378 5 警告 シスコシステムズ - Cisco FireSIGHT Management Center における HTTP 攻撃検出機能を回避される脆弱性 CWE-Other
その他 		CVE-2015-6427 2015-12-21 16:55 2015-12-17 Show GitHub Exploit DB Packet Storm
206379 7.2 危険 シスコシステムズ - Cisco Prime Network Services Controller におけるアクセス制限を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2015-6426 2015-12-21 16:55 2015-12-17 Show GitHub Exploit DB Packet Storm
206380 7.2 危険 シスコシステムズ - Cisco Application Policy Infrastructure Controller のブートマネージャにおけるアクセス制限を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2015-6424 2015-12-21 16:55 2015-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
161 - - - Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior have a Privilege Escalation vulnerability where insufficient access control checks in ProjectUsersAddCommand (… New CWE-284
Improper Access Control 		CVE-2026-34390 2026-05-20 23:06 2026-05-20 Show GitHub Exploit DB Packet Storm
162 4.3 MEDIUM
Network 		- - Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow an authenticated user to upload attachments to private Issues they are not authorized to access. This is… New CWE-284
Improper Access Control 		CVE-2026-34754 2026-05-20 23:06 2026-05-20 Show GitHub Exploit DB Packet Storm
163 - - - Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. Th… New CWE-200
Information Exposure 		CVE-2026-34970 2026-05-20 23:06 2026-05-20 Show GitHub Exploit DB Packet Storm
164 7.5 HIGH
Network 		- - BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typ… New CWE-771
 Missing Reference to Active Allocated Resource 		CVE-2026-3039 2026-05-20 23:04 2026-05-20 Show GitHub Exploit DB Packet Storm
165 5.3 MEDIUM
Network 		- - BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resou… New CWE-408
 Incorrect Behavior Order: Early Amplification 		CVE-2026-3592 2026-05-20 23:04 2026-05-20 Show GitHub Exploit DB Packet Storm
166 7.4 HIGH
Network 		- - A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BI… New CWE-416
 Use After Free 		CVE-2026-3593 2026-05-20 23:04 2026-05-20 Show GitHub Exploit DB Packet Storm
167 7.5 HIGH
Network 		- - Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes… New CWE-20
CWE-125
CWE-617
CWE-754
CWE-843
 Improper Input Validation 
Out-of-bounds Read
 Reachable Assertion
 Improper Check for Unusual or Exceptional Conditions
Type Confusion 		CVE-2026-5946 2026-05-20 23:04 2026-05-20 Show GitHub Exploit DB Packet Storm
168 5.3 MEDIUM
Network 		- - An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sendin… New CWE-606
 Unchecked Input for Loop Condition 		CVE-2026-5950 2026-05-20 23:04 2026-05-20 Show GitHub Exploit DB Packet Storm
169 7.5 HIGH
Network 		- - Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. … New CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2026-5947 2026-05-20 23:04 2026-05-20 Show GitHub Exploit DB Packet Storm
170 - - - Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write to a limited section of the Top of Memo… New CWE-124
Buffer Underflow 		CVE-2024-36343 2026-05-20 23:04 2026-05-20 Show GitHub Exploit DB Packet Storm