Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
206571	5.8	警告	Google	-	Android の Telephony における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-6614	2015-11-4 17:36	2015-11-2	Show	GitHub Exploit DB Packet Storm

206572	5.1	警告	Google	-	Android の Bluetooth におけるデバッグポートにコマンドを送信される脆弱性	CWE-Other その他	CVE-2015-6613	2015-11-4 17:36	2015-11-2	Show	GitHub Exploit DB Packet Storm

206573	9.3	危険	Google	-	Android の libmedia における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-6612	2015-11-4 17:36	2015-11-2	Show	GitHub Exploit DB Packet Storm

206574	5	警告	Google	-	Android のメディアサーバにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2015-6611	2015-11-4 17:36	2015-11-2	Show	GitHub Exploit DB Packet Storm

206575	9.3	危険	Google	-	Android の libstagefright における権限を取得される脆弱性	CWE-119 バッファエラー	CVE-2015-6610	2015-11-4 17:36	2015-11-2	Show	GitHub Exploit DB Packet Storm

206576	10	危険	Google	-	Android の libutils における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-6609	2015-11-4 17:36	2015-11-2	Show	GitHub Exploit DB Packet Storm

206577	10	危険	Google	-	Android のメディアサーバにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-6608	2015-11-4 17:36	2015-11-2	Show	GitHub Exploit DB Packet Storm

206578	4.3	警告	フォーティネット	-	Fortinet FortiManager のグラフィカルユーザインターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-8038	2015-11-4 16:31	2015-09-24	Show	GitHub Exploit DB Packet Storm

206579	4.3	警告	フォーティネット	-	Fortinet FortiManager のグラフィカルユーザインターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-8037	2015-11-4 16:31	2015-09-24	Show	GitHub Exploit DB Packet Storm

206580	2.1	注意	Xen プロジェクト	-	Xen の tools/libxl/libxl.c の libxl_set_memory_target 関数などにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2015-7972	2015-11-4 16:29	2015-10-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
251	9.8	CRITICAL Network	-	-	WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload dangerous file types without validation.… New	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-47965	2026-05-16 04:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

252	8.8	HIGH Network	-	-	Schlix CMS 2.2.6-6 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious extension packages through the block manager… New	CWE-94 Code Injection	CVE-2021-47964	2026-05-16 04:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

253	7.2	HIGH Network	-	-	Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to execute arbitrary code by injecting malicious payloads into markdown files stored within the application. A… New	CWE-79 Cross-site Scripting	CVE-2021-47963	2026-05-16 04:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

254	6.4	MEDIUM Network	-	-	Savsoft Quiz 5.0 contains a persistent cross-site scripting vulnerability in the user account settings page that allows authenticated attackers to inject malicious HTML and JavaScript code. Attackers… New	CWE-79 Cross-site Scripting	CVE-2021-47962	2026-05-16 04:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

255	7.5	HIGH Network	-	-	WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows unauthenticated attackers to exhaust server resources by sending batched GraphQL queries with duplicated fields… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2021-47959	2026-05-16 04:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

256	4.3	MEDIUM Network	-	-	CouchCMS 2.2.1 contains a server-side request forgery vulnerability that allows authenticated attackers to make arbitrary HTTP requests by uploading malicious SVG files. Attackers can upload SVG file… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-47958	2026-05-16 04:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

257	7.5	HIGH Network	signalk	signal_k_server	Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.25.0, the HTTP login endpoints (POST /login and POST /signalk/v1/auth/login) are protected by express-… Update	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2026-41893	2026-05-16 04:14	2026-05-10	Show	GitHub Exploit DB Packet Storm

258	5.3	MEDIUM Network	apache	commons_configuration	Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue … New	CWE-674 Uncontrolled Recursion	CVE-2026-45205	2026-05-16 03:40	2026-05-14	Show	GitHub Exploit DB Packet Storm

259	7.4	HIGH Network	microsoft	authenticator	Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network. New	CWE-200 Information Exposure	CVE-2026-41615	2026-05-16 03:39	2026-05-15	Show	GitHub Exploit DB Packet Storm

260	8.8	HIGH Network	microsoft	windows_admin_center	Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network. Update	CWE-284 Improper Access Control	CVE-2026-41086	2026-05-16 03:38	2026-05-13	Show	GitHub Exploit DB Packet Storm