Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
208431 9.3 危険 マイクロソフト - Microsoft Internet Explorer 9 から 11 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-1767 2015-07-16 15:55 2015-07-14 Show GitHub Exploit DB Packet Storm
208432 9.3 危険 マイクロソフト - Microsoft Internet Explorer 8 および 9 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-1738 2015-07-16 15:55 2015-07-14 Show GitHub Exploit DB Packet Storm
208433 9.3 危険 マイクロソフト - Microsoft Internet Explorer 10 および 11 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2015-1733 2015-07-16 15:55 2015-07-14 Show GitHub Exploit DB Packet Storm
208434 4.3 警告 マイクロソフト - Microsoft Internet Explorer 9 から 11 におけるコンテンツを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2015-1729 2015-07-16 15:55 2015-07-14 Show GitHub Exploit DB Packet Storm
208435 2.1 注意 マイクロソフト - 複数の Microsoft Windows 製品のカーネルモードドライバの win32k.sys における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-2382 2015-07-16 15:05 2015-07-14 Show GitHub Exploit DB Packet Storm
208436 2.1 注意 マイクロソフト - 複数の Microsoft Windows 製品のカーネルモードドライバの win32k.sys における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-2381 2015-07-16 15:05 2015-07-14 Show GitHub Exploit DB Packet Storm
208437 2.1 注意 マイクロソフト - 複数の Microsoft Windows 製品のカーネルモードドライバの win32k.sys における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-2367 2015-07-16 15:05 2015-07-14 Show GitHub Exploit DB Packet Storm
208438 7.2 危険 マイクロソフト - 複数の Microsoft Windows 製品のカーネルモードドライバの win32k.sys における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-2366 2015-07-16 15:05 2015-07-14 Show GitHub Exploit DB Packet Storm
208439 7.2 危険 マイクロソフト - 複数の Microsoft Windows 製品のカーネルモードドライバの win32k.sys における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-2365 2015-07-16 15:05 2015-07-14 Show GitHub Exploit DB Packet Storm
208440 7.2 危険 マイクロソフト - 複数の Microsoft Windows 製品のカーネルモードドライバの win32k.sys における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-2363 2015-07-16 15:05 2015-07-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1471 4.3 MEDIUM
Network 		google chrome Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium… CWE-200
Information Exposure 		CVE-2026-7999 2026-05-7 22:39 2026-05-7 Show GitHub Exploit DB Packet Storm
1472 8.8 HIGH
Network 		google chrome Insufficient validation of untrusted input in ChromeDriver in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium se… CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-8000 2026-05-7 22:39 2026-05-7 Show GitHub Exploit DB Packet Storm
1473 7.7 HIGH
Network 		openclaw openclaw OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration to… CWE-918
CWE-1188
Server-Side Request Forgery (SSRF) 
 Insecure Default Initialization of Resource 		CVE-2026-43527 2026-05-7 22:29 2026-05-5 Show GitHub Exploit DB Packet Storm
1474 6.1 MEDIUM
Network 		apache wicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, 9.0.0, from 10.0.0 t… CWE-79
Cross-site Scripting 		CVE-2026-42509 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
1475 9.1 CRITICAL
Network 		apache wicket Missing invocation of Servlet http web request method changeSessionId after session binding can be exploited for a session fixation attack in Apache Wicket. This issue affects Apache Wicket: from 8.… CWE-384
 Session Fixation 		CVE-2026-40010 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
1476 - - - Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMED_PIPE_OPEN_REQ into a fix… CWE-121
CWE-170
Stack-based Buffer Overflow
 Improper Null Termination 		CVE-2026-34464 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
1477 - - - Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers (KillAllHandler, SuspendAllHandler, and RunSandboxedHandl… CWE-121
CWE-170
Stack-based Buffer Overflow
 Improper Null Termination 		CVE-2026-34462 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
1478 - - - Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGID_SBIE_I… CWE-121
Stack-based Buffer Overflow 		CVE-2026-34461 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
1479 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: cifs: some missing initializations on replay In several places in the code, we have a label to signify the start of the code wher… CWE-908
 Use of Uninitialized Resource 		CVE-2026-31693 2026-05-7 21:49 2026-04-30 Show GitHub Exploit DB Packet Storm
1480 6.7 MEDIUM
Local 		mediatek mt6768_firmware
mt6789_firmware
mt6877_firmware
mt6899_firmware
mt6989_firmware
mt6991_firmware
mt6993_firmware
mt8196_firmware
mt8367_firmware
mt8766_firmware
mt8768_fi… 		In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privileg… CWE-125
Out-of-bounds Read 		CVE-2026-20447 2026-05-7 21:43 2026-05-4 Show GitHub Exploit DB Packet Storm