Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
208551	4.3	警告	OpenSSL Project レッドハット	-	複数の Red Hat Enterprise Linux 製品の openssl-1.0.1e-25.el7 で配布される OpenSSL におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 CWE-362	CVE-2015-3216	2015-07-10 14:23	2015-05-28	Show	GitHub Exploit DB Packet Storm

208552	5.1	警告	LINE株式会社	-	LINE@ における意図しないアプリ内関数が呼び出される脆弱性	CWE-DesignError	CVE-2015-2968	2015-07-10 14:04	2015-07-10	Show	GitHub Exploit DB Packet Storm

208553	4.3	警告	ANTlabs	-	複数の ANTlabs デバイス上で稼動する ANTlabs InnGate ファームウェアの index-login.ant におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-2850	2015-07-10 14:02	2015-07-6	Show	GitHub Exploit DB Packet Storm

208554	7.5	危険	ANTlabs	-	複数の ANTlabs デバイス上で稼動する ANTlabs InnGate ファームウェアの main.ant における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2015-2849	2015-07-10 13:59	2015-07-6	Show	GitHub Exploit DB Packet Storm

208555	5	警告	Debian Willy Tarreau	-	HAProxy の buffer_slow_realign 関数における重要な情報を取得される脆弱性	CWE-119 バッファエラー	CVE-2015-3281	2015-07-10 13:45	2015-07-2	Show	GitHub Exploit DB Packet Storm

208556	2.1	注意	Rules Link project	-	Drupal 用 Rules Link モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-9740	2015-07-10 12:19	2014-08-27	Show	GitHub Exploit DB Packet Storm

208557	3.5	注意	ADCI LLC	-	Drupal 用 Node Field モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-9739	2015-07-10 12:19	2014-11-11	Show	GitHub Exploit DB Packet Storm

208558	4.3	警告	Tournament project	-	Drupal 用 Tournament モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-9738	2015-07-10 12:19	2014-11-19	Show	GitHub Exploit DB Packet Storm

208559	5.8	警告	Language Switcher Dropdown project	-	Drupal 用 Language Switcher Dropdown モジュールにおけるオープンリダイレクトの脆弱性	CWE-Other その他	CVE-2014-9737	2015-07-10 12:19	2014-01-22	Show	GitHub Exploit DB Packet Storm

208560	10	危険	SolarWinds	-	SolarWinds Storage Manager の AuthenticationFilter クラスにおける任意のスクリプトをアップロードされる脆弱性	CWE-noinfo 情報不足	CVE-2015-5371	2015-07-10 11:52	2015-06-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1491	9.1	CRITICAL Network	miyagawa	plack\	Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting (sendfile type) to be set by the c…	CWE-200 CWE-441 CWE-913 Information Exposure Confused Deputy Improper Control of Dynamically-Managed Code Resources	CVE-2026-7381	2026-05-7 11:10	2026-04-30	Show	GitHub Exploit DB Packet Storm

1492	5.4	MEDIUM Network	google	chrome	Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. (Chromium security severity: Mediu…	CWE-125 CWE-787 Out-of-bounds Read Out-of-bounds Write	CVE-2026-7950	2026-05-7 11:09	2026-05-7	Show	GitHub Exploit DB Packet Storm

1493	7.4	HIGH Network	gnu redhat	gnutls hardened_images openshift_container_platform enterprise_linux	A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constrai…	CWE-178 Improper Handling of Case Sensitivity	CVE-2026-3833	2026-05-7 11:09	2026-05-1	Show	GitHub Exploit DB Packet Storm

1494	7.5	HIGH Network	google	chrome	Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)	CWE-362 Race Condition	CVE-2026-7948	2026-05-7 11:08	2026-05-7	Show	GitHub Exploit DB Packet Storm

1495	3.1	LOW Network	google	chrome	Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromi…	CWE-125 Out-of-bounds Read	CVE-2026-7949	2026-05-7 11:07	2026-05-7	Show	GitHub Exploit DB Packet Storm

1496	8.8	HIGH Network	google	chrome	Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)	CWE-787 Out-of-bounds Write	CVE-2026-7951	2026-05-7 11:07	2026-05-7	Show	GitHub Exploit DB Packet Storm

1497	4.2	MEDIUM Network	google	chrome	Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a c…	CWE-693 Protection Mechanism Failure	CVE-2026-7952	2026-05-7 11:06	2026-05-7	Show	GitHub Exploit DB Packet Storm

1498	3.1	LOW Network	google	chrome	Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security…	CWE-362 Race Condition	CVE-2026-7954	2026-05-7 11:06	2026-05-7	Show	GitHub Exploit DB Packet Storm

1499	6.1	MEDIUM Network	google	chrome	Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chro…	CWE-20 Improper Input Validation	CVE-2026-7953	2026-05-7 11:06	2026-05-7	Show	GitHub Exploit DB Packet Storm

1500	5.3	MEDIUM Network	google	chrome	Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via…	CWE-457 Use of Uninitialized Variable	CVE-2026-7955	2026-05-7 11:06	2026-05-7	Show	GitHub Exploit DB Packet Storm