Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 14, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207211	10	危険	Google	-	Android の libstagefright の MPEG4Extractor.cpp の MPEG4Extractor::parseChunk 関数における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2015-3824	2015-10-2 14:58	2015-07-9	Show	GitHub Exploit DB Packet Storm

207212	10	危険	Google	-	Android の libstagefright の ESDS.cpp の ESDS::parseESDescriptor 関数における整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2015-1539	2015-10-2 14:58	2015-07-9	Show	GitHub Exploit DB Packet Storm

207213	7.8	危険	BisonWare	-	BisonWare BisonFTP におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2015-7602	2015-10-2 10:07	2015-09-28	Show	GitHub Exploit DB Packet Storm

207214	7.8	危険	コニカミノルタビジネスソリューションズ株式会社	-	Konica Minolta FTP Utility におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2015-7603	2015-10-2 09:56	2015-09-22	Show	GitHub Exploit DB Packet Storm

207215	6.9	警告	NVIDIA	-	複数の OS およびアプリケーション上で稼働する NVIDIA ディスプレイドライバにおける任意のカーネルメモリ領域に書き込まれる脆弱性	CWE-119 バッファエラー	CVE-2015-5950	2015-10-1 18:17	2015-09-24	Show	GitHub Exploit DB Packet Storm

207216	7.8	危険	PCMan's FTP Server project	-	PCMan's FTP Server におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2015-7601	2015-10-1 18:09	2015-09-28	Show	GitHub Exploit DB Packet Storm

207217	4	警告	Open Source Point of Sale project	-	Open Source Point of Sale におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-0299	2015-10-1 17:47	2015-09-28	Show	GitHub Exploit DB Packet Storm

207218	4.3	警告	X2Engine	-	X2Engine X2CRM におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-5076	2015-10-1 17:43	2015-07-13	Show	GitHub Exploit DB Packet Storm

207219	6.8	警告	X2Engine	-	X2Engine X2CRM におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2015-5075	2015-10-1 17:43	2015-09-18	Show	GitHub Exploit DB Packet Storm

207220	7.5	危険	X2Engine	-	X2Engine X2CRM の protected/components/filters/FileUploadsFilter.php の FileUploadsFilter クラスにおける任意の PHP コードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2015-5074	2015-10-1 17:43	2015-07-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
861	7.5	HIGH Network	-	-	Granian is a Rust HTTP server for Python applications. From 1.2.0 to 2.7.4, Granian aborts a worker process when an unauthenticated client sends a WebSocket upgrade request whose Sec-WebSocket-Protoc… New	CWE-20 CWE-248 CWE-400 Improper Input Validation Uncaught Exception Uncontrolled Resource Consumption	CVE-2026-42544	2026-05-14 01:10	2026-05-13	Show	GitHub Exploit DB Packet Storm

862	-		-	-	efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, efw.file.FileManager.unZip writes zip entries to disk using new File(baseDir, zipEntry.getName()) with no canonical-path check. An entry … New	CWE-77 Command Injection	CVE-2026-44257	2026-05-14 01:10	2026-05-13	Show	GitHub Exploit DB Packet Storm

863	9.4	CRITICAL Network	-	-	Scramble generates API documentation for Laravel project. From 0.13.2 to before 0.13.22, when documentation endpoints are publicly accessible and validation rules reference user-controlled input, req… New	CWE-94 Code Injection	CVE-2026-44262	2026-05-14 01:10	2026-05-13	Show	GitHub Exploit DB Packet Storm

864	7.5	HIGH Network	-	-	Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.167, a remote, unauthenticated denial of service (DoS) vulnerability affects Deskflow servers running with TLS enabled (the default). Whe… New	CWE-400 CWE-405 Uncontrolled Resource Consumption Asymmetric Resource Consumption (Amplification)	CVE-2026-44296	2026-05-14 01:10	2026-05-13	Show	GitHub Exploit DB Packet Storm

865	9.0	CRITICAL Network	-	-	Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf… New	CWE-917 CWE-1336 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') Improper Neutralization of Special Elements Used in a Template Engine	CVE-2026-41901	2026-05-14 01:10	2026-05-13	Show	GitHub Exploit DB Packet Storm

866	-		-	-	Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, a remote attacker can create a node with a malicious … New	CWE-943 Improper Neutralization of Special Elements in Data Query Logic	CVE-2026-42156	2026-05-14 01:10	2026-05-13	Show	GitHub Exploit DB Packet Storm

867	-		-	-	Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, a remote attacker can create a map node with a malici… New	CWE-79 Cross-site Scripting	CVE-2026-42157	2026-05-14 01:10	2026-05-13	Show	GitHub Exploit DB Packet Storm

868	10.0	CRITICAL Network	-	-	ChurchCRM is an open-source church management system. Prior to 7.3.2, The fix for CVE-2026-39337 is incomplete. The pre-authentication remote code execution vulnerability in ChurchCRM's setup wizard … New	CWE-94 Code Injection	CVE-2026-42288	2026-05-14 01:10	2026-05-13	Show	GitHub Exploit DB Packet Storm

869	6.5	MEDIUM Network	open5gs	open5gs	A flaw has been found in Open5GS up to 2.7.7. The impacted element is the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the component SMF. This manipulation cause… New	CWE-404 Improper Resource Shutdown or Release	CVE-2026-8249	2026-05-14 01:10	2026-05-11	Show	GitHub Exploit DB Packet Storm

870	8.8	HIGH Network	wavlink	wl-nu516u1_firmware	A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlan_conf/Channel/skiplist/… Update	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-8228	2026-05-14 01:10	2026-05-10	Show	GitHub Exploit DB Packet Storm