Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
210191	4.3	警告	thoughtbot	-	Ruby on Rails 用ライブラリ Paperclip におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-2963	2015-07-14 18:14	2015-06-18	Show	GitHub Exploit DB Packet Storm

210192	5	警告	LEMON-S PHP	-	シンプルお絵描き掲示板におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-2969	2015-07-14 18:06	2015-07-10	Show	GitHub Exploit DB Packet Storm

210193	6.4	警告	LEMON-S PHP	-	シンプルお絵描き掲示板における任意のファイル削除の脆弱性	CWE-22 パス・トラバーサル	CVE-2015-2970	2015-07-14 18:05	2015-07-10	Show	GitHub Exploit DB Packet Storm

210194	2.6	注意	The Cacti Group	-	Cacti におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-2967	2015-07-14 18:02	2015-07-9	Show	GitHub Exploit DB Packet Storm

210195	6.5	警告	Intelliants	-	Subrion CMS に SQL インジェクションの脆弱性	CWE-89 CWE-Other	CVE-2015-4129	2015-07-14 17:39	2015-05-8	Show	GitHub Exploit DB Packet Storm

210196	5	警告	Namshi	-	namshi/jose におけるトークンの署名検証回避の脆弱性	CWE-Other その他	CVE-2015-2964	2015-07-14 17:18	2015-06-25	Show	GitHub Exploit DB Packet Storm

210197	5	警告	OpenEMR	-	OpenEMR における認証回避の脆弱性	CWE-287 不適切な認証	CVE-2015-4453	2015-07-14 17:15	2015-06-30	Show	GitHub Exploit DB Packet Storm

210198	4.3	警告	アップル NTP Project	-	NTP の ntpd の ntp_proto.c 内の receive の symmetric-key 機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2015-1799	2015-07-14 16:45	2015-04-7	Show	GitHub Exploit DB Packet Storm

210199	9	危険	IBM	-	IBM Business Process Manager の REST API におけるアクセス制限を回避される脆弱性	CWE-Other その他	CVE-2015-1961	2015-07-14 16:40	2015-06-29	Show	GitHub Exploit DB Packet Storm

210200	7.2	危険	VMware	-	Windows 上で稼働する複数の VMware 製品の vmware-vmx.exe におけるホスト OS の権限を取得される脆弱性	CWE-Other その他	CVE-2015-3650	2015-07-14 16:00	2015-07-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1441	-	-	-	Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary c…	CWE-276 Incorrect Default Permissions	CVE-2025-48512	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

1442	-	-	-	An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege esca…	CWE-787 Out-of-bounds Write	CVE-2025-48519	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

1443	-	-	-	An improper input validation vulnerability within the AMD Platform Management Framework (PMF) driver can allow a local attacker to read Out-of-Bounds potentially resulting in information disclosure o…	CWE-125 Out-of-bounds Read	CVE-2025-48520	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

1444	-	-	-	Improper input validation in the AMD Secure Processor (ASP) PCI driver could allow a local attacker to trigger a Use-After-Free (UAF) condition, potentially resulting in a loss of platform integrity …	CWE-416 Use After Free	CVE-2025-48521	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

1445	-	-	-	An improper input validation vulnerability within the AMD Platform Management Framework (PMF) Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation.	CWE-787 Out-of-bounds Write	CVE-2025-52540	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

1446	-	-	-	Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.	CWE-276 Incorrect Default Permissions	CVE-2026-0432	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

1447	-	-	-	A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity …	CWE-1072	CVE-2026-0438	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

1448	-	-	-	A compromised Trusted OS (TOS) driver could issue a malformed call that could potentially allow memory access outside the intended range resulting in loss of integrity.	CWE-190 Integer Overflow or Wraparound	CVE-2021-26380	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

1449	-	-	-	A TOCTOU (Time-Of-Check to Time-Of-Use) in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity.	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2022-23826	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm

1450	-	-	-	Improper validation in Power Management Firmware (PMFW) may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in …	CWE-129 Improper Validation of Array Index	CVE-2023-31309	2026-05-15 23:10	2026-05-15	Show	GitHub Exploit DB Packet Storm