Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
214731	7.5	危険	WordPress.org	-	WordPress のウイジェットの実装の wp-includes/class-wp-customize-widgets.php における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2014-5203	2014-08-19 16:38	2014-08-6	Show	GitHub Exploit DB Packet Storm

214732	6.1	警告	BlackBerry	-	Blackberry の Storage および Access サービスにおける任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-2388	2014-08-19 16:04	2014-08-12	Show	GitHub Exploit DB Packet Storm

214733	10	危険	Novell	-	Linux 用 Novell Open Enterprise Server における脆弱性	CWE-noinfo 情報不足	CVE-2014-0609	2014-08-19 15:49	2014-08-7	Show	GitHub Exploit DB Packet Storm

214734	7.1	危険	シーメンス	-	Siemens SIMATIC S7-1500 CPU デバイスのファームウェアにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2014-5074	2014-08-19 15:13	2014-08-14	Show	GitHub Exploit DB Packet Storm

214735	7.2	危険	Linux	-	Linux Kernel の fs/namespace.c の do_remount 関数における読み取り専用の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-5206	2014-08-19 15:06	2014-07-28	Show	GitHub Exploit DB Packet Storm

214736	4.3	警告	LINE株式会社	-	Windows および Mac OS X 上で稼働する LINE におけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2013-7144	2014-08-19 14:35	2013-12-18	Show	GitHub Exploit DB Packet Storm

214737	4	警告	IBM	-	IBM Business Process Manager および WebSphere Lombardi Edition の callService.do における任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2014-3087	2014-08-19 14:28	2014-08-15	Show	GitHub Exploit DB Packet Storm

214738	4.3	警告	IBM	-	IBM WebSphere DataPower SOA アプライアンスにおける PreMasterSecret 値を取得される脆弱性	CWE-310 暗号の問題	CVE-2014-0852	2014-08-19 13:53	2014-07-29	Show	GitHub Exploit DB Packet Storm

214739	2.1	注意	IBM	-	Windows および OS X 上で稼動する IBM Tivoli Storage Manager のバックアップ/アーカイブ・クライアントのプリファレンス・エディターおよび Java GUI 構成ウィザードにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-0876	2014-08-19 12:23	2014-08-12	Show	GitHub Exploit DB Packet Storm

214740	4.3	警告	IBM	-	IBM GCM16 および GCM32 Global Console Manager スイッチのファームウェアにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-3080	2014-08-19 11:53	2014-07-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
661	-		-	-	Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix allows a denial of service via the long-poll transport's NDJSON body handling. In 'Elixir.Phoenix.Trans… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-32689	2026-05-6 01:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

662	-		-	-	The traceroute diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system() call, allowing aut… New	-	CVE-2026-31196	2026-05-6 01:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

663	-		-	-	The ping diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system() call, allowing authentic… New	-	CVE-2026-31195	2026-05-6 01:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

664	6.5	MEDIUM Network	-	-	Fiber is a web framework for Go. In github.com/gofiber/fiber/v3 versions through 3.1.0, the default key generator in the cache middleware uses only the request path and does not include the query str… New	CWE-436 Interpretation Conflict	CVE-2026-30246	2026-05-6 01:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

665	5.4	MEDIUM Network	-	-	Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the email notification templates insert user-controlled device, geofence, and driver n… New	CWE-79 Cross-site Scripting	CVE-2026-27694	2026-05-6 01:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

666	9.8	CRITICAL Network	-	-	Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file… New	CWE-122 Heap-based Buffer Overflow	CVE-2025-70067	2026-05-6 01:16	2026-05-4	Show	GitHub Exploit DB Packet Storm

667	8.1	HIGH Network	-	-	IKUS Rdiffweb before 2.10.5 has an improper authorization flaw that allows an attacker with any valid or stolen access token to act as other users. The API does not enforce binding between the authen… New	CWE-284 Improper Access Control	CVE-2025-67796	2026-05-6 01:16	2026-05-5	Show	GitHub Exploit DB Packet Storm

668	-		-	-	Jupyter Server is the backend for Jupyter web applications. In jupyter_server versions through 2.17.0, the next query parameter in the login flow is insufficiently validated in `LoginFormHandler._red… New	CWE-601 Open Redirect	CVE-2025-61669	2026-05-6 01:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

669	-		-	-	ISPConfig 3.3.0 is vulnerable to Cross Site Scripting (XSS) via the system status webpage. New	-	CVE-2025-52206	2026-05-6 01:16	2026-05-6	Show	GitHub Exploit DB Packet Storm

670	4.9	MEDIUM Network	sonicwall	sonicos	A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall. Update	CWE-121 Stack-based Buffer Overflow	CVE-2026-0206	2026-05-6 01:12	2026-04-30	Show	GitHub Exploit DB Packet Storm