Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
208491 7.2 危険 マイクロソフト - 複数の Microsoft Windows 製品のカーネルモードドライバの win32k.sys における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-2363 2015-07-16 15:05 2015-07-14 Show GitHub Exploit DB Packet Storm
208492 10 危険 マイクロソフト - 複数の Microsoft Windows 製品のリモートデスクトッププロトコルサーバサービスにおける任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2015-2373 2015-07-16 11:57 2015-07-14 Show GitHub Exploit DB Packet Storm
208493 3.3 注意 マイクロソフト - 複数の Microsoft Windows 製品の Netlogon サービスにおける認証情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-2374 2015-07-16 11:48 2015-07-14 Show GitHub Exploit DB Packet Storm
208494 7.2 危険 マイクロソフト - 複数の Microsoft Windows 製品の Graphics コンポーネントにおける権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-2364 2015-07-16 11:40 2015-07-14 Show GitHub Exploit DB Packet Storm
208495 7.2 危険 マイクロソフト - 複数の Microsoft Windows 製品の RPC サブシステムの認証の実装における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-2370 2015-07-16 11:33 2015-07-14 Show GitHub Exploit DB Packet Storm
208496 6.9 警告 マイクロソフト - 複数の Microsoft Windows 製品の Windows インストーラー サービスにおける権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-2371 2015-07-16 11:23 2015-07-14 Show GitHub Exploit DB Packet Storm
208497 8.5 危険 マイクロソフト - Microsoft SQL Server における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2015-1763 2015-07-16 11:02 2015-07-14 Show GitHub Exploit DB Packet Storm
208498 7.1 危険 マイクロソフト - Microsoft SQL Server における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2015-1762 2015-07-16 11:02 2015-07-14 Show GitHub Exploit DB Packet Storm
208499 6.5 警告 マイクロソフト - Microsoft SQL Server における権限昇格の脆弱性 CWE-Other
その他 		CVE-2015-1761 2015-07-16 11:02 2015-07-14 Show GitHub Exploit DB Packet Storm
208500 5 警告 マイクロソフト - 複数の Microsoft Windows 製品の OLE における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-2417 2015-07-16 10:39 2015-07-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1471 4.3 MEDIUM
Network 		google chrome Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium… CWE-200
Information Exposure 		CVE-2026-7999 2026-05-7 22:39 2026-05-7 Show GitHub Exploit DB Packet Storm
1472 8.8 HIGH
Network 		google chrome Insufficient validation of untrusted input in ChromeDriver in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium se… CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-8000 2026-05-7 22:39 2026-05-7 Show GitHub Exploit DB Packet Storm
1473 7.7 HIGH
Network 		openclaw openclaw OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration to… CWE-918
CWE-1188
Server-Side Request Forgery (SSRF) 
 Insecure Default Initialization of Resource 		CVE-2026-43527 2026-05-7 22:29 2026-05-5 Show GitHub Exploit DB Packet Storm
1474 6.1 MEDIUM
Network 		apache wicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, 9.0.0, from 10.0.0 t… CWE-79
Cross-site Scripting 		CVE-2026-42509 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
1475 9.1 CRITICAL
Network 		apache wicket Missing invocation of Servlet http web request method changeSessionId after session binding can be exploited for a session fixation attack in Apache Wicket. This issue affects Apache Wicket: from 8.… CWE-384
 Session Fixation 		CVE-2026-40010 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
1476 - - - Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMED_PIPE_OPEN_REQ into a fix… CWE-121
CWE-170
Stack-based Buffer Overflow
 Improper Null Termination 		CVE-2026-34464 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
1477 - - - Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers (KillAllHandler, SuspendAllHandler, and RunSandboxedHandl… CWE-121
CWE-170
Stack-based Buffer Overflow
 Improper Null Termination 		CVE-2026-34462 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
1478 - - - Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGID_SBIE_I… CWE-121
Stack-based Buffer Overflow 		CVE-2026-34461 2026-05-7 22:16 2026-05-6 Show GitHub Exploit DB Packet Storm
1479 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: cifs: some missing initializations on replay In several places in the code, we have a label to signify the start of the code wher… CWE-908
 Use of Uninitialized Resource 		CVE-2026-31693 2026-05-7 21:49 2026-04-30 Show GitHub Exploit DB Packet Storm
1480 6.7 MEDIUM
Local 		mediatek mt6768_firmware
mt6789_firmware
mt6877_firmware
mt6899_firmware
mt6989_firmware
mt6991_firmware
mt6993_firmware
mt8196_firmware
mt8367_firmware
mt8766_firmware
mt8768_fi… 		In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privileg… CWE-125
Out-of-bounds Read 		CVE-2026-20447 2026-05-7 21:43 2026-05-4 Show GitHub Exploit DB Packet Storm