Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209451	6.5	警告	GigPress project	-	WordPress 用 GigPress プラグインの admin/handlers.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2015-4066	2015-05-29 14:44	2015-05-25	Show	GitHub Exploit DB Packet Storm

209452	3.5	注意	Inbound Now	-	WordPress 用 Landing Pages プラグインの shared/shortcodes/inbound-shortcodes.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-4065	2015-05-29 14:38	2015-05-25	Show	GitHub Exploit DB Packet Storm

209453	6.5	警告	Inbound Now	-	WordPress 用 Landing Pages プラグインの modules/module.ab-testing.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2015-4064	2015-05-29 14:37	2015-05-21	Show	GitHub Exploit DB Packet Storm

209454	6.5	警告	NewStatPress project	-	WordPress 用 NewStatPress プラグインの includes/nsp_search.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2015-4062	2015-05-29 14:14	2015-05-20	Show	GitHub Exploit DB Packet Storm

209455	3.5	注意	NewStatPress project	-	WordPress 用 NewStatPress プラグインの includes/nsp_search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-4063	2015-05-29 14:14	2015-05-20	Show	GitHub Exploit DB Packet Storm

209456	4.3	警告	アルバネットワークス株式会社	-	Aruba Networks ClearPass Policy Manager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-1389	2015-05-29 14:11	2015-03-25	Show	GitHub Exploit DB Packet Storm

209457	6.8	警告	オープンCADフォーマット評議会	-	SXF 共通ライブラリにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2015-2946	2015-05-28 18:13	2015-05-22	Show	GitHub Exploit DB Packet Storm

209458	7.5	危険	Bomgar Corporation	-	Bomgar Remote Support に信頼していないデータをデシリアライズする脆弱性	CWE-94 CWE-Other	CVE-2015-0935	2015-05-28 18:09	2015-05-5	Show	GitHub Exploit DB Packet Storm

209459	7.5	危険	藤本壱	-	mt-phpincgi において任意の PHP コードが実行可能な脆弱性	CWE-94 コード・インジェクション	CVE-2015-2945	2015-05-28 18:05	2015-05-20	Show	GitHub Exploit DB Packet Storm

209460	10	危険	マイクロソフト	-	複数の Microsoft 製品の OLE における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2014-6332	2015-05-28 17:32	2014-11-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1061	5.5	MEDIUM Local	-	-	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in… New	CWE-121 Stack-based Buffer Overflow	CVE-2026-42050	2026-05-12 05:25	2026-05-12	Show	GitHub Exploit DB Packet Storm

1062	6.2	MEDIUM Local	-	-	OpenMcdf is a fully .NET / C# library to manipulate Compound File Binary File Format files, also known as Structured Storage. Prior to version 3.1.3, OpenMcdf does not detect cycles in the directory … Update	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2026-41511	2026-05-12 05:25	2026-05-9	Show	GitHub Exploit DB Packet Storm

1063	9.8	CRITICAL Network	-	-	RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. NOTE: this is disputed because ability of an attacker to c… Update	CWE-427 Uncontrolled Search Path Element	CVE-2025-69599	2026-05-12 05:25	2026-05-8	Show	GitHub Exploit DB Packet Storm

1064	9.8	CRITICAL Network	-	-	1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess fil… Update	CWE-94 Code Injection	CVE-2025-67887	2026-05-12 05:25	2026-05-8	Show	GitHub Exploit DB Packet Storm

1065	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate user queue size constraints Add validation to ensure user queue sizes meet hardware requirements: - Size mus… Update	NVD-CWE-noinfo	CVE-2026-43195	2026-05-12 05:21	2026-05-6	Show	GitHub Exploit DB Packet Storm

1066	7.5	HIGH Network	-	-	Alkacon OpenCms before 16 allows XXE when the <!DOCTYPE> refers to an external host. Update	CWE-611 XXE	CVE-2023-42346	2026-05-12 05:20	2026-05-8	Show	GitHub Exploit DB Packet Storm

1067	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ARM processor Error: don't go past allocated memory If the BIOS generates a very small ARM Processor Error, or an inco… Update	NVD-CWE-noinfo	CVE-2026-43201	2026-05-12 05:20	2026-05-6	Show	GitHub Exploit DB Packet Storm

1068	7.5	HIGH Network	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query Fix a "scheduling while atomic" bug in mlx5e_ipsec_init_macs(… Update	NVD-CWE-noinfo	CVE-2026-43199	2026-05-12 05:12	2026-05-6	Show	GitHub Exploit DB Packet Storm

1069	9.8	CRITICAL Network	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcp_v6_syn_recv_sock() Code in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock() is done… Update	CWE-362 Race Condition	CVE-2026-43198	2026-05-12 05:12	2026-05-6	Show	GitHub Exploit DB Packet Storm

1070	9.1	CRITICAL Network	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: netconsole: avoid OOB reads, msg is not nul-terminated msg passed to netconsole from the console subsystem is not guaranteed to b… Update	CWE-125 Out-of-bounds Read	CVE-2026-43197	2026-05-12 05:11	2026-05-6	Show	GitHub Exploit DB Packet Storm