Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
211401 7.5 危険 yuba.ch - u5CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-1576 2015-02-17 18:05 2015-02-9 Show GitHub Exploit DB Packet Storm
211402 6.4 警告 yuba.ch - u5CMS の u5admin/deletefile.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2015-1577 2015-02-17 18:05 2015-02-9 Show GitHub Exploit DB Packet Storm
211403 5.8 警告 yuba.ch - u5CMS におけるオープンリダイレクトの脆弱性 CWE-Other
その他 		CVE-2015-1578 2015-02-17 18:05 2015-02-9 Show GitHub Exploit DB Packet Storm
211404 7.5 危険 Redaxscript - Redaxscript の includes/search.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-1518 2015-02-17 18:01 2015-01-29 Show GitHub Exploit DB Packet Storm
211405 4.3 警告 シスコシステムズ - Cisco Prime Infrastructure の Web インターフェースにおけるクリックジャッキング攻撃を実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2147 2015-02-17 16:57 2014-02-25 Show GitHub Exploit DB Packet Storm
211406 6.8 警告 シスコシステムズ - Cisco Prime Infrastructure の INSERT ページにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-2152 2015-02-17 16:57 2014-02-25 Show GitHub Exploit DB Packet Storm
211407 4.3 警告 シスコシステムズ - Cisco Prime Infrastructure の INSERT ページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2153 2015-02-17 16:57 2014-02-25 Show GitHub Exploit DB Packet Storm
211408 4.3 警告 シスコシステムズ - Cisco Prime Security Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3365 2015-02-17 16:57 2014-05-7 Show GitHub Exploit DB Packet Storm
211409 7.8 危険 シスコシステムズ - Cisco IOS の Zone-Based Firewall の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2015-0592 2015-02-17 16:57 2015-02-10 Show GitHub Exploit DB Packet Storm
211410 6.5 警告 シスコシステムズ - Cisco Secure Access Control System の ACS View レポートインターフェースページにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-0580 2015-02-17 16:57 2015-02-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1181 7.5 HIGH
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzalloc_flex for aio_cmd The target_core_file doesn't initialize the aio_cmd->iocb for the ki_write_strea… NVD-CWE-noinfo
CVE-2026-43055 2026-05-8 03:58 2026-05-2 Show GitHub Exploit DB Packet Storm
1182 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlan_na_create vxlan_na_create() walks ND options according to option-provided lengths. A m… NVD-CWE-noinfo
CVE-2026-31738 2026-05-8 03:58 2026-05-2 Show GitHub Exploit DB Packet Storm
1183 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix ring allocation unwind on open failure ftgmac100_alloc_rings() allocates rx_skbs, tx_skbs, rxdes, txdes, and … NVD-CWE-noinfo
CVE-2026-31737 2026-05-8 03:55 2026-05-2 Show GitHub Exploit DB Packet Storm
1184 6.3 MEDIUM
Network 		- - A vulnerability has been found in router-for-me CLIProxyAPI 6.9.29. Affected by this issue is some unknown functionality of the file internal/api/handlers/management/api_tools.go of the component API… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-8081 2026-05-8 03:51 2026-05-8 Show GitHub Exploit DB Packet Storm
1185 9.8 CRITICAL
Network 		- - Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controller… CWE-284
Improper Access Control 		CVE-2026-37709 2026-05-8 03:50 2026-05-8 Show GitHub Exploit DB Packet Storm
1186 7.5 HIGH
Network 		- - Regex Denial of Service in youtube-regex npm package through version 1.0.5. CWE-400
 Uncontrolled Resource Consumption 		CVE-2025-65122 2026-05-8 03:50 2026-05-8 Show GitHub Exploit DB Packet Storm
1187 6.8 MEDIUM
Physics 		- - Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal.​ CWE-1263
 Improper Physical Access Control 		CVE-2025-4386 2026-05-8 03:46 2026-05-8 Show GitHub Exploit DB Packet Storm
1188 6.8 MEDIUM
Physics 		- - Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data. CWE-313
 Cleartext Storage in a File or on Disk 		CVE-2025-4397 2026-05-8 03:46 2026-05-8 Show GitHub Exploit DB Packet Storm
1189 8.8 HIGH
Network 		- - An Improper Access Control vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote authenticated attacker to gain administrative access. CWE-284
Improper Access Control 		CVE-2026-5786 2026-05-8 03:46 2026-05-8 Show GitHub Exploit DB Packet Storm
1190 8.9 HIGH
Network 		- - An Improper Certificate Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to impersonate registered Sentry hosts and obtain valid CA-… CWE-295
Improper Certificate Validation  		CVE-2026-5787 2026-05-8 03:46 2026-05-8 Show GitHub Exploit DB Packet Storm