Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207411	4.3	警告	Ruby on Rails project	-	Ruby on Rails で使用される Web Console の request.rb における whitelisted_ips 保護メカニズムを回避される脆弱性	CWE-Other その他	CVE-2015-3224	2015-07-28 17:04	2015-06-16	Show	GitHub Exploit DB Packet Storm

207412	5	警告	Ruby on Rails project	-	Ruby on Rails で使用される jquery-rails の jquery_ujs.js および jquery-ujs の rails.js における同一生成元ポリシーを回避される脆弱性	CWE-200 情報漏えい	CVE-2015-1840	2015-07-28 17:04	2015-06-16	Show	GitHub Exploit DB Packet Storm

207413	4.3	警告	Nucleus	-	Nucleus CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-5454	2015-07-28 14:51	2015-06-26	Show	GitHub Exploit DB Packet Storm

207414	6.8	警告	Honeywell International Inc.	-	Honeywell Tuxedo Touch におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2015-2848	2015-07-28 14:47	2015-07-24	Show	GitHub Exploit DB Packet Storm

207415	5	警告	Honeywell International Inc.	-	Honeywell Tuxedo Touch におけるアクセス制限を回避される脆弱性	CWE-Other その他	CVE-2015-2847	2015-07-28 14:46	2015-07-24	Show	GitHub Exploit DB Packet Storm

207416	5	警告	IBM	-	Android 用 IBM Maximo Anywhere アプリケーションにおけるパスコード保護メカニズムを回避される脆弱性	CWE-200 情報漏えい	CVE-2015-4945	2015-07-28 14:42	2015-07-21	Show	GitHub Exploit DB Packet Storm

207417	4.9	警告	Linux	-	Linux Kernel の arch/x86/kvm/lapic.h 内の kvm_apic_has_events 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2015-4692	2015-07-28 14:42	2015-05-30	Show	GitHub Exploit DB Packet Storm

207418	6.8	警告	FFmpeg	-	FFmpeg の libavcodec/mjpegdec.c の ff_mjpeg_decode_sof 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2015-1872	2015-07-28 14:27	2015-02-5	Show	GitHub Exploit DB Packet Storm

207419	7.8	危険	シスコシステムズ	-	Cisco Videoscape Policy Resource Manager におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2015-4283	2015-07-28 13:53	2015-07-20	Show	GitHub Exploit DB Packet Storm

207420	6.8	警告	シスコシステムズ	-	Cisco TelePresence MSE 8000 デバイスにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2015-4258	2015-07-28 13:53	2015-07-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
51	9.8	CRITICAL Network	dlink	di-8100_firmware	A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function url_rule_asp of the file /url_rule.asp of the component POST Parameter Handler.… New	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7854	2026-05-7 02:39	2026-05-6	Show	GitHub Exploit DB Packet Storm

52	7.2	HIGH Network	dlink	di-8100_firmware	A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tggl_asp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of th… New	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7855	2026-05-7 02:38	2026-05-6	Show	GitHub Exploit DB Packet Storm

53	7.2	HIGH Network	dlink	di-8100_firmware	A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /url_member.asp of the component Web Management Interface. Executing a manipulation of the argument Name c… New	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7856	2026-05-7 02:36	2026-05-6	Show	GitHub Exploit DB Packet Storm

54	7.2	HIGH Network	dlink	di-8100_firmware	A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /user_group.asp of the component CGI Handler. The manipulation leads to buffer… New	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7857	2026-05-7 02:28	2026-05-6	Show	GitHub Exploit DB Packet Storm

55	9.8	CRITICAL Network	nginxui	nginx_ui	Nginx UI is a web user interface for the Nginx web server. From version 2.0.0 to before version 2.3.8, an unauthenticated network attacker can claim the initial administrator account on a fresh nginx… New	CWE-306 Missing Authentication for Critical Function	CVE-2026-42221	2026-05-7 02:17	2026-05-5	Show	GitHub Exploit DB Packet Storm

56	6.5	MEDIUM Network	nginxui	nginx_ui	Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, an authenticated user can call GET /api/settings and retrieve sensitive configuration values, including node.secret.… New	CWE-200 CWE-863 Information Exposure Incorrect Authorization	CVE-2026-42220	2026-05-7 02:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

57	8.8	HIGH Local	-	-	NanoClaw contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read files outside th… New	CWE-22 Path Traversal	CVE-2026-7875	2026-05-7 02:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

58	9.1	CRITICAL Network	-	-	Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId (added in version 1.54) uses the value of the UNIQUE_… New	CWE-340 Generation of Predictable Numbers or Identifiers	CVE-2026-5081	2026-05-7 02:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

59	8.8	HIGH Adjacent	-	-	gopls by default communicates via pipe. However, -port and -listen flags are supported as means of debugging. If -listen is given a value without an explicit host (e.g. :8080), or -port is used, gopl… New	CWE-1327 Binding to an Unrestricted IP Address	CVE-2026-42503	2026-05-7 02:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

60	7.5	HIGH Network	-	-	Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Gazelle incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both head… New	CWE-444 HTTP Request Smuggling	CVE-2026-40562	2026-05-7 02:16	2026-05-6	Show	GitHub Exploit DB Packet Storm