Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
207691 4.3 警告 IBM - IBM Tivoli Service Automation Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0940 2015-07-31 15:23 2014-10-3 Show GitHub Exploit DB Packet Storm
207692 5.8 警告 Ignite Realtime
レッドハット		 - Ignite Realtime Smack XMPP API の ServerTrustManager コンポーネントにおけるサーバになりすまされる脆弱性 CWE-Other
その他 		CVE-2014-0363 2015-07-31 15:17 2014-04-17 Show GitHub Exploit DB Packet Storm
207693 6.8 警告 dhcpcd project - Android などの製品で使用される dhcpcd の dhcp-common.c の print_option 関数における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-7913 2015-07-31 14:33 2014-11-15 Show GitHub Exploit DB Packet Storm
207694 6.8 警告 dhcpcd project - Android などの製品で使用される dhcpcd の dhcp.c の get_option 関数における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-7912 2015-07-31 14:33 2014-11-15 Show GitHub Exploit DB Packet Storm
207695 2.1 注意 Python Software Foundation - pip におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-8991 2015-07-31 11:07 2014-11-12 Show GitHub Exploit DB Packet Storm
207696 6.4 警告 thekelleys - Dnsmasq の tcp_request 関数におけるプロセスのメモリを読み取られる脆弱性 CWE-Other
その他 		CVE-2015-3294 2015-07-31 10:35 2015-04-10 Show GitHub Exploit DB Packet Storm
207697 3.5 注意 OpenStack - OpenStack Dashboard におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-3988 2015-07-31 10:33 2015-05-1 Show GitHub Exploit DB Packet Storm
207698 5 警告 The PHP Group
アップル		 - PHP の Fileinfo コンポーネントで使用される readelf.c ファイル内の donote 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-3710 2015-07-30 16:40 2014-10-17 Show GitHub Exploit DB Packet Storm
207699 5 警告 The Tcpdump Group - tcpdump の geonet_print 関数における整数アンダーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2014-8768 2015-07-30 16:37 2014-11-12 Show GitHub Exploit DB Packet Storm
207700 7.5 危険 Novell
Mercurial		 - Mercurial の sshpeer の _validaterepo 関数における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-9462 2015-07-30 16:29 2014-12-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
791 8.8 HIGH
Network 		- - YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php at line 704. The $data['id_fiche'… New CWE-89
SQL Injection 		CVE-2026-41143 2026-05-8 00:43 2026-05-7 Show GitHub Exploit DB Packet Storm
792 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: gpio: Fix resource leaks on errors in gpiochip_add_data_with_key() Since commit aab5c6f20023 ("gpio: set device type for GPIO chi… Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-31732 2026-05-8 00:36 2026-05-2 Show GitHub Exploit DB Packet Storm
793 5.4 MEDIUM
Network 		google chrome Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) New CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-8015 2026-05-8 00:30 2026-05-7 Show GitHub Exploit DB Packet Storm
794 8.8 HIGH
Network 		google chrome Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) New CWE-416
 Use After Free 		CVE-2026-8016 2026-05-8 00:29 2026-05-7 Show GitHub Exploit DB Packet Storm
795 3.1 LOW
Network 		google chrome Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) New CWE-1300
 Improper Protection of Physical Side Channels 		CVE-2026-8017 2026-05-8 00:29 2026-05-7 Show GitHub Exploit DB Packet Storm
796 8.1 HIGH
Network 		google chrome Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. (Chromium security… New NVD-CWE-noinfo
CVE-2026-8018 2026-05-8 00:26 2026-05-7 Show GitHub Exploit DB Packet Storm
797 5.4 MEDIUM
Network 		google chrome Insufficient policy enforcement in WebApp in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) New CWE-451
 User Interface (UI) Misrepresentation of Critical Information 		CVE-2026-8019 2026-05-8 00:26 2026-05-7 Show GitHub Exploit DB Packet Storm
798 5.3 MEDIUM
Network 		google chrome Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process… New CWE-457
 Use of Uninitialized Variable 		CVE-2026-8020 2026-05-8 00:21 2026-05-7 Show GitHub Exploit DB Packet Storm
799 5.0 MEDIUM
Network 		google chrome Inappropriate implementation in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML pa… New CWE-693
 Protection Mechanism Failure 		CVE-2026-8009 2026-05-8 00:20 2026-05-7 Show GitHub Exploit DB Packet Storm
800 5.4 MEDIUM
Network 		google chrome Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML (UXSS) via a craft… New CWE-79
Cross-site Scripting 		CVE-2026-8012 2026-05-8 00:19 2026-05-7 Show GitHub Exploit DB Packet Storm