Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
211471 7.5 危険 xlinkerz - xlinkerz ecommerceMajor における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-1476 2015-02-13 18:40 2015-01-22 Show GitHub Exploit DB Packet Storm
211472 4.3 警告 ASUSTeK Computer Inc. - Asus RT-N10 Plus D1 ルータのファームウェアにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-1437 2015-02-13 18:40 2015-01-29 Show GitHub Exploit DB Packet Storm
211473 7.5 危険 CMSJunkie - Joomla! 用 CMSJunkie J-ClassifiedsManager コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-1477 2015-02-13 18:40 2015-01-26 Show GitHub Exploit DB Packet Storm
211474 4.3 警告 my little homepage - my little forum におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-1475 2015-02-13 18:40 2015-02-3 Show GitHub Exploit DB Packet Storm
211475 4.3 警告 CMSJunkie - Joomla! 用 CMSJunkie J-ClassifiedsManager コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-1478 2015-02-13 18:40 2015-01-26 Show GitHub Exploit DB Packet Storm
211476 10 危険 SerVision - SerVision HVG Video Gateway デバイスのファームウェアの Web インターフェースの time.htm における認証を回避される脆弱性 CWE-Other
その他 		CVE-2015-0929 2015-02-13 18:36 2015-02-2 Show GitHub Exploit DB Packet Storm
211477 10 危険 SerVision - SerVision HVG Video Gateway デバイスのファームウェアにおけるアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2015-0930 2015-02-13 18:36 2015-02-2 Show GitHub Exploit DB Packet Storm
211478 9 危険 SerVision - SerVision HVG Video Gateway デバイスのファームウェアの Web インターフェースの time.htm における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-1469 2015-02-13 18:36 2015-02-3 Show GitHub Exploit DB Packet Storm
211479 4.9 警告 シスコシステムズ - Cisco NX-OS の TACACS+ command-authorization の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-8013 2015-02-13 18:34 2014-10-8 Show GitHub Exploit DB Packet Storm
211480 4.3 警告 シスコシステムズ - Cisco AnyConnect Secure Mobility Client および Cisco HostScan エンジンにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-8021 2015-02-13 18:34 2014-10-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1311 - - - Due to a lack of user account state validation during authentication, locked user accounts can be successfully authenticated using Magic Link or Pass Key methods. This bypasses the intended security … New CWE-863
 Incorrect Authorization 		CVE-2025-10908 2026-05-11 19:16 2026-05-11 Show GitHub Exploit DB Packet Storm
1312 5.3 MEDIUM
Network 		- - The check user account lock states feature within the email OTP flow fails to validate user input, allowing an attacker to infer the existence of registered user accounts. The discovery of valid use… New CWE-204
 Response Discrepancy Information Exposure 		CVE-2024-0391 2026-05-11 19:16 2026-05-11 Show GitHub Exploit DB Packet Storm
1313 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks… Update CWE-123
 Write-what-where Condition 		CVE-2026-43284 2026-05-11 17:16 2026-05-8 Show GitHub Exploit DB Packet Storm
1314 3.7 LOW
Network 		- - A flaw has been found in bettercap up to 2.41.5. Affected by this issue is some unknown functionality of the file modules/mysql_server/mysql_server.go of the component MySQL Server. Executing a manip… New CWE-189
CWE-192
Numeric Errors 		CVE-2026-8276 2026-05-11 15:16 2026-05-11 Show GitHub Exploit DB Packet Storm
1315 3.7 LOW
Network 		- - A vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file modules/zerogod/zerogod_ipp_primitives.go of the component zerogo… New CWE-189
CWE-192
Numeric Errors 		CVE-2026-8275 2026-05-11 15:16 2026-05-11 Show GitHub Exploit DB Packet Storm
1316 5.3 MEDIUM
Local 		- - A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function do_directory of the file cramfsck.c of the component Directory Handler. Such manipulation leads t… New CWE-22
Path Traversal 		CVE-2026-8274 2026-05-11 14:16 2026-05-11 Show GitHub Exploit DB Packet Storm
1317 3.3 LOW
Local 		- - A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a… New CWE-617
 Reachable Assertion 		CVE-2026-8257 2026-05-11 11:16 2026-05-11 Show GitHub Exploit DB Packet Storm
1318 4.7 MEDIUM
Network 		oracle macoron Vulnerability in the Oracle Macoron Tool product of Oracle Open Source Projects. The supported versions that is affected is v0.22.0. Easily exploitable vulnerability allows unauthenticated attacker w… Update CWE-601
CWE-346
Open Redirect
 Origin Validation Error 		CVE-2026-35253 2026-05-11 05:16 2026-05-6 Show GitHub Exploit DB Packet Storm
1319 6.5 MEDIUM
Local 		- - Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used. New CWE-829
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2026-45184 2026-05-11 03:16 2026-05-10 Show GitHub Exploit DB Packet Storm
1320 6.5 MEDIUM
Network 		- - Cross-Site request forgery (CSRF) vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross Site Request Forgery. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2. Update CWE-352
 Origin Validation Error 		CVE-2026-5791 2026-05-11 01:16 2026-05-7 Show GitHub Exploit DB Packet Storm