Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
206641 6.5 警告 Bastian Allgeier GmbH - Kirby における任意のファイルを作成される脆弱性 CWE-20
不適切な入力確認 		CVE-2015-7773 2015-11-24 18:01 2015-11-17 Show GitHub Exploit DB Packet Storm
206642 6.8 警告 株式会社ニューフォリア - アプリカンにおけるスクリプトインジェクションの脆弱性 CWE-20
不適切な入力確認 		CVE-2015-7772 2015-11-24 18:01 2015-11-17 Show GitHub Exploit DB Packet Storm
206643 5.4 警告 株式会社ニューフォリア - アプリカンにおけるスクリプトインジェクションの脆弱性 CWE-20
不適切な入力確認 		CVE-2015-7771 2015-11-24 18:01 2015-11-17 Show GitHub Exploit DB Packet Storm
206644 6.8 警告 ARRIS Group - 複数の Arris デバイスのファームウェア上で稼動する Web 管理インターフェースにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2015-7291 2015-11-24 17:56 2015-11-20 Show GitHub Exploit DB Packet Storm
206645 4.3 警告 ARRIS Group - 複数の Arris デバイスのファームウェア上で稼動する Web 管理インターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-Other
CVE-2015-7290 2015-11-24 17:56 2015-11-20 Show GitHub Exploit DB Packet Storm
206646 9.3 危険 ARRIS Group - 複数の Arris デバイスのファームウェアにおけるアクセス権を取得される脆弱性 CWE-255
CWE-Other
CVE-2015-7289 2015-11-24 17:56 2015-11-20 Show GitHub Exploit DB Packet Storm
206647 4.3 警告 ARRIS Group - 複数の Arris デバイスのファームウェアにおけるアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2009-5149 2015-11-24 17:56 2015-11-20 Show GitHub Exploit DB Packet Storm
206648 6.1 警告 ヒューレット・パッカード - HP Photosmart B210 の SMB サーバにバッファオーバーフローの脆弱性 - - 2015-11-24 17:55 2015-10-21 Show GitHub Exploit DB Packet Storm
206649 7.2 危険 Tibbo Technology Inc. - Tibbo AggreGate の AggreGate Server Service の ag_server_service.exe における任意の Java コードを実行される脆弱性 CWE-Other
その他 		CVE-2015-7913 2015-11-24 16:24 2015-11-19 Show GitHub Exploit DB Packet Storm
206650 10 危険 Tibbo Technology Inc. - Tibbo AggreGate の AggreGate Server Service の ag_server_service.exe における任意の Java コードをアップロードされる脆弱性 CWE-Other
その他 		CVE-2015-7912 2015-11-24 16:24 2015-11-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
701 8.8 HIGH
Network 		- - A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TP… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-8775 2026-05-18 11:16 2026-05-18 Show GitHub Exploit DB Packet Storm
702 6.3 MEDIUM
Network 		- - A vulnerability was detected in Edimax BR-6228NC 1.22. Affected by this issue is the function mp of the file /goform/mp of the component POST Request Handler. The manipulation of the argument command… New CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-8774 2026-05-18 11:16 2026-05-18 Show GitHub Exploit DB Packet Storm
703 - - - Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the metasploitPostgreSQL service the subseque… New CWE-284
CWE-427
CWE-829
Improper Access Control
 Uncontrolled Search Path Element
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2026-7373 2026-05-18 11:16 2026-05-15 Show GitHub Exploit DB Packet Storm
704 4.7 MEDIUM
Network 		- - A security vulnerability has been detected in linlinjava litemall up to 1.8.0. Affected by this vulnerability is the function backup/load of the file litemall-db/src/main/java/org/linlinjava/litemall… New CWE-74
CWE-88
Injection
Argument Injection 		CVE-2026-8773 2026-05-18 09:16 2026-05-18 Show GitHub Exploit DB Packet Storm
705 4.7 MEDIUM
Network 		- - A weakness has been identified in linlinjava litemall up to 1.8.0. Affected is an unknown function of the component Admin Endpoint. Executing a manipulation can lead to sql injection. The attack can … New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-8772 2026-05-18 09:16 2026-05-18 Show GitHub Exploit DB Packet Storm
706 7.3 HIGH
Network 		- - A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java … New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-8771 2026-05-18 09:16 2026-05-18 Show GitHub Exploit DB Packet Storm
707 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and th… Update CWE-787
 Out-of-bounds Write 		CVE-2026-43500 2026-05-18 01:16 2026-05-11 Show GitHub Exploit DB Packet Storm
708 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. New - CVE-2026-6050 2026-05-17 08:16 2026-05-17 Show GitHub Exploit DB Packet Storm
709 4.3 MEDIUM
Network 		gitlab gitlab GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with Guest … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2025-13874 2026-05-16 12:38 2026-05-14 Show GitHub Exploit DB Packet Storm
710 5.4 MEDIUM
Network 		gitlab gitlab GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.11 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to inject … CWE-94
Code Injection 		CVE-2025-12669 2026-05-16 12:38 2026-05-14 Show GitHub Exploit DB Packet Storm