Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
211171 4.3 警告 シスコシステムズ - Cisco Unified Web and E-Mail Interaction Manager の Unified Web Interaction Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-0655 2015-03-3 14:26 2015-03-2 Show GitHub Exploit DB Packet Storm
211172 10 危険 Skoranga - node.js 用 dns-sync モジュールにおける任意のコマンドを実行される脆弱性 CWE-Other
その他 		CVE-2014-9682 2015-03-3 14:26 2014-11-11 Show GitHub Exploit DB Packet Storm
211173 6.8 警告 FFmpeg - ffmpeg の libavformat/segment.c の seg_write_packet 関数 におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2014-9676 2015-03-3 14:25 2015-01-4 Show GitHub Exploit DB Packet Storm
211174 4.3 警告 Zaunz GmbH - Cosmoshop の管理者ログインパネルにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-2103 2015-03-3 13:57 2015-02-14 Show GitHub Exploit DB Packet Storm
211175 7.5 危険 ClipBucket - ClipBucket の view_item.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-2102 2015-03-3 13:43 2015-02-20 Show GitHub Exploit DB Packet Storm
211176 4.3 警告 chris shattuck - Drupal 用 Navigate モジュールの Navigate バーにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-2101 2015-03-3 13:33 2014-02-18 Show GitHub Exploit DB Packet Storm
211177 4.3 警告 日立 - Hitachi Command Suite 製品のオンラインヘルプにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-1565 2015-03-2 18:18 2015-01-30 Show GitHub Exploit DB Packet Storm
211178 4.3 警告 日立 - Hitachi Application Server ヘルプにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2015-03-2 18:18 2015-01-30 Show GitHub Exploit DB Packet Storm
211179 4.6 警告 日立 - JP1/NETM/DM および Job Management Partner 1/Software Distribution における PC 内蔵タイプの USB ストレージデバイスを抑止不可とされる脆弱性 CWE-noinfo
情報不足 		- 2015-03-2 18:17 2014-10-17 Show GitHub Exploit DB Packet Storm
211180 4 警告 日立 - 日立の COBOL2002 製品の XML 連携機能における XXE の脆弱性 CWE-Other
その他 		- 2015-03-2 18:16 2014-06-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1031 - - - MinIO is a high-performance object storage system. From RELEASE.2022-07-24T01-54-52Z to before RELEASE.2026-04-14T21-32-45Z, A path traversal vulnerability in MinIO's ReadMultiple internode storage-R… New CWE-22
Path Traversal 		CVE-2026-42600 2026-05-12 07:22 2026-05-12 Show GitHub Exploit DB Packet Storm
1032 8.2 HIGH
Network 		- - jotty·page is a self-hosted app for your checklists and notes. Prior to 1.22.0, an unauthenticated path traversal vulnerability exists in /api/app-icons/[filename]. The filename route parameter is jo… New CWE-22
CWE-200
Path Traversal
Information Exposure 		CVE-2026-42564 2026-05-12 07:22 2026-05-12 Show GitHub Exploit DB Packet Storm
1033 2.4 LOW
Network 		- - Geyser is a bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition. Prior to 2.9.3, a server-side request forgery (SSRF) vulnerability exists in Geyser’s handling of Bedrock player hea… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-42188 2026-05-12 07:22 2026-05-12 Show GitHub Exploit DB Packet Storm
1034 6.2 MEDIUM
Local 		- - barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the eh_entries field against buffer capacity in fs/ext4/ext4_common.… New CWE-125
Out-of-bounds Read 		CVE-2026-34961 2026-05-12 07:22 2026-05-12 Show GitHub Exploit DB Packet Storm
1035 6.5 MEDIUM
Adjacent 		- - barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type() function that fails to verify the options pointer remains within … New CWE-125
Out-of-bounds Read 		CVE-2026-34960 2026-05-12 07:22 2026-05-12 Show GitHub Exploit DB Packet Storm
1036 6.8 MEDIUM
Network 		- - WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user to inject malicious JavaScript into the … New CWE-79
Cross-site Scripting 		CVE-2026-45025 2026-05-12 06:19 2026-05-12 Show GitHub Exploit DB Packet Storm
1037 - - - WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a Stored Cross-Site Scripting (XSS) flaw was identified at the following endpoint: funcionario/profile_funcionario.php?… New CWE-79
Cross-site Scripting 		CVE-2026-42870 2026-05-12 06:19 2026-05-12 Show GitHub Exploit DB Packet Storm
1038 7.5 HIGH
Network 		postfix postfix Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number. Update CWE-193
 Off-by-one Error 		CVE-2026-43964 2026-05-12 06:17 2026-05-5 Show GitHub Exploit DB Packet Storm
1039 7.5 HIGH
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely.… Update NVD-CWE-noinfo
CVE-2026-43184 2026-05-12 05:56 2026-05-6 Show GitHub Exploit DB Packet Storm
1040 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix a resource leak in cx25821_dev_setup() Add release_mem_region() if ioremap() fails to release the memory regi… Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-43183 2026-05-12 05:55 2026-05-6 Show GitHub Exploit DB Packet Storm