Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
208421 1.9 注意 Xen プロジェクト - Xen の xen/arch/x86/mm.c におけるサービス運用妨害 (表明違反およびハイパーバイザクラッシュ) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-0154 2015-08-13 15:50 2013-01-12 Show GitHub Exploit DB Packet Storm
208422 4 警告 Bouncy Castle - Bouncy Castle Java library および C# library の TLS の実装における識別攻撃およびプレーンテキストリカバリ攻撃を誘発される脆弱性 CWE-310
暗号の問題 		CVE-2013-1624 2015-08-13 15:49 2013-02-8 Show GitHub Exploit DB Packet Storm
208423 5 警告 レッドハット - RESTEasy における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2012-0818 2015-08-13 15:49 2011-12-30 Show GitHub Exploit DB Packet Storm
208424 5 警告 レッドハット - RESTEasy の providers.jaxb.JAXBXmlTypeProvider における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2011-5245 2015-08-13 15:49 2012-01-19 Show GitHub Exploit DB Packet Storm
208425 5 警告 The PHP Group
アップル		 - PHP におけるアクセス制限を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2006-7243 2015-08-13 15:49 2006-12-18 Show GitHub Exploit DB Packet Storm
208426 7.2 危険 Clutter Project - Clutter のジェスチャ処理コードにおけるロックスクリーンを回避される脆弱性 CWE-Other
その他 		CVE-2015-3213 2015-08-13 15:42 2015-06-1 Show GitHub Exploit DB Packet Storm
208427 - - OpenAFS - ** 削除 ** OpenAFS の vlserver におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2015-3287 2015-08-13 15:19 2015-07-29 Show GitHub Exploit DB Packet Storm
208428 4.6 警告 OpenAFS - OpenAFS の Solaris カーネルエクステンションにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2015-3286 2015-08-13 15:19 2015-07-29 Show GitHub Exploit DB Packet Storm
208429 2.1 注意 OpenAFS - OpenAFS の OSD FS コマンドの pioctl におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2015-3285 2015-08-13 15:19 2015-07-29 Show GitHub Exploit DB Packet Storm
208430 2.1 注意 OpenAFS - OpenAFS の pioctls におけるカーネルメモリを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2015-3284 2015-08-13 15:19 2015-07-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1861 7.8 HIGH
Local 		- - A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM CWE-362
Race Condition 		CVE-2026-7432 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1862 6.5 MEDIUM
Network 		- - An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials. CWE-749
 Exposed Dangerous Method or Function 		CVE-2026-8109 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1863 7.8 HIGH
Local 		- - Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2026-8110 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1864 8.8 HIGH
Network 		- - SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution. CWE-89
SQL Injection 		CVE-2026-8111 2026-05-13 01:38 2026-05-13 Show GitHub Exploit DB Packet Storm
1865 8.8 HIGH
Network 		pi-hole ftldns Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the `dns.interface` configuration field in Pi-hole FTL accepted newline charac… CWE-93
CRLF Injection 		CVE-2026-39849 2026-05-13 01:27 2026-05-6 Show GitHub Exploit DB Packet Storm
1866 8.8 HIGH
Network 		anthropic claude_code In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious reposi… CWE-20
CWE-77
NVD-CWE-noinfo
 Improper Input Validation 
Command Injection 		CVE-2026-40068 2026-05-13 01:21 2026-05-6 Show GitHub Exploit DB Packet Storm
1867 6.5 MEDIUM
Network 		langgenius dify Dify before version 1.14.0 contains an authorization bypass vulnerability that allows authenticated users to read the full contents of files uploaded by other users within the same tenant by supplyin… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-41950 2026-05-13 01:20 2026-05-6 Show GitHub Exploit DB Packet Storm
1868 7.5 HIGH
Network 		openmrs openmrs OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}` endpoint is vulnera… CWE-22
Path Traversal 		CVE-2026-40075 2026-05-13 01:18 2026-05-6 Show GitHub Exploit DB Packet Storm
1869 6.5 MEDIUM
Network 		getgrav grav Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a low-privileged user (EX: Content Editor with only pages.update permissions) can bypass the existing Twig sandbox restrictions by utilizing … CWE-863
 Incorrect Authorization 		CVE-2026-42610 2026-05-13 01:16 2026-05-12 Show GitHub Exploit DB Packet Storm
1870 8.9 HIGH
Network 		getgrav grav Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a low-privileged (with the ability to create a page) user can cause XSS with the injection of svg element. The XSS can further be escalated t… CWE-79
Cross-site Scripting 		CVE-2026-42611 2026-05-13 01:16 2026-05-12 Show GitHub Exploit DB Packet Storm