Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
213421	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 10 および 11 における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2015-0068	2015-02-13 11:20	2015-02-10	Show	GitHub Exploit DB Packet Storm

213422	4.3	警告	マイクロソフト	-	Microsoft Internet Explorer 10 および 11 における ASLR 保護メカニズムを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-0069	2015-02-13 11:20	2015-02-10	Show	GitHub Exploit DB Packet Storm

213423	4.3	警告	マイクロソフト	-	Microsoft Internet Explorer 6 から 11 におけるコンテンツを読まれる脆弱性	CWE-200 情報漏えい	CVE-2015-0070	2015-02-13 11:20	2015-02-10	Show	GitHub Exploit DB Packet Storm

213424	7.5	危険	Perl CGI's By Mrs.Shiromuku	-	shiromuku(bu2)BBS における任意のファイルを作成される脆弱性	CWE-20 不適切な入力確認	CVE-2015-0868	2015-02-13 09:51	2015-01-23	Show	GitHub Exploit DB Packet Storm

213425	4.3	警告	Zoho Corporation	-	ZOHO ManageEngine SupportCenter Plus におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-0866	2015-02-12 16:52	2015-01-23	Show	GitHub Exploit DB Packet Storm

213426	7.5	危険	Zoho Corporation	-	ZOHO ManageEngine OpManager の FailOverHelperServlet サーブレットにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-7864	2015-02-12 16:52	2014-10-5	Show	GitHub Exploit DB Packet Storm

213427	6.8	警告	Zoho Corporation	-	ZOHO ManageEngine Desktop Central におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2014-9331	2015-02-12 16:52	2014-12-7	Show	GitHub Exploit DB Packet Storm

213428	6.5	警告	Zoho Corporation	-	ZOHO ManageEngine ServiceDesk Plus の reports/CreateReportTable.jsp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2015-1479	2015-02-12 16:52	2015-01-22	Show	GitHub Exploit DB Packet Storm

213429	4	警告	Zoho Corporation	-	ZOHO ManageEngine ServiceDesk Plus における重要なチケット情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2015-1480	2015-02-12 16:52	2015-01-22	Show	GitHub Exploit DB Packet Storm

213430	5	警告	シスコシステムズ	-	Cisco WebEx Meetings Server の XMLAPI における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2015-0595	2015-02-12 15:32	2015-01-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2291	4.7	MEDIUM Local	-	-	The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability (CVE-2026-5061) …	CWE-59 Link Following	CVE-2026-5061	2026-05-14 00:53	2026-05-13	Show	GitHub Exploit DB Packet Storm

2292	6.0	MEDIUM Local	-	-	HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026…	CWE-59 Link Following	CVE-2026-6959	2026-05-14 00:53	2026-05-13	Show	GitHub Exploit DB Packet Storm

2293	8.8	HIGH Network	-	-	HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traversal attack. This vulnerability (CVE-2026-7474) is fixed in Nomad 2.0.1, 1.…	CWE-22 Path Traversal	CVE-2026-7474	2026-05-14 00:53	2026-05-13	Show	GitHub Exploit DB Packet Storm

2294	6.0	MEDIUM Local	-	-	HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026-8…	CWE-59 Link Following	CVE-2026-8052	2026-05-14 00:53	2026-05-13	Show	GitHub Exploit DB Packet Storm

2295	-		-	-	Use after free for some Linux kernel driver for the Intel(R) Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an aut…	CWE-416 Use After Free	CVE-2025-27723	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

2296	-		-	-	Uncontrolled search path for some Intel(R) Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adver…	CWE-427 Uncontrolled Search Path Element	CVE-2025-35969	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

2297	-		-	-	Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Processors within VMX non-root (guest) operation may allow …	-	CVE-2025-35979	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

2298	-		-	-	Improper input validation for some Intel Endpoint Management Assistant (EMA) software before version 1.14.5 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged softwar…	CWE-20 Improper Input Validation	CVE-2025-35990	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

2299	-		-	-	Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with …	CWE-665 Improper Initialization	CVE-2025-35991	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

2300	-		-	-	Improper buffer restrictions for some Display Virtualization for Windows OS driver software within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an authen…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2025-36510	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm