Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241971	6.8	警告	Joomla! Blue Constant Media Ltd	-	Joomla! 用の DJ-Catalog コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3661	2012-06-26 16:18	2009-10-11	Show	GitHub Exploit DB Packet Storm

241972	6.8	警告	eFront Learning	-	Efront の libraries/database.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2009-3660	2012-06-26 16:18	2009-10-11	Show	GitHub Exploit DB Packet Storm

241973	9.3	危険	AOL	-	AOL の sb.dll における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-3658	2012-06-26 16:18	2009-10-9	Show	GitHub Exploit DB Packet Storm

241974	6.4	警告	Drupal 316solutions	-	Drupal 用の Boost モジュールにおける新しい webroot ディレクトリを生成される脆弱性	CWE-Other その他	CVE-2009-3654	2012-06-26 16:18	2009-09-30	Show	GitHub Exploit DB Packet Storm

241975	3.5	注意	Drupal darren oh	-	Drupal 用モジュールの XML Sitemap の追加リンクインターフェースにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3653	2012-06-26 16:18	2009-09-30	Show	GitHub Exploit DB Packet Storm

241976	4.3	警告	Drupal david strauss	-	Drupa のモジュールの Dex におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3650	2012-06-26 16:18	2009-09-30	Show	GitHub Exploit DB Packet Storm

241977	3.5	注意	Drupal apsivam	-	Drupal のモジュールの Service Links におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3648	2012-06-26 16:18	2009-10-9	Show	GitHub Exploit DB Packet Storm

241978	5	警告	dxmsoft	-	Dxmsoft XM Easy Personal FTP Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-3643	2012-06-26 16:18	2009-10-9	Show	GitHub Exploit DB Packet Storm

241979	7.5	危険	frontrange	-	FrontRange HEAT の Call Logging 機能における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3642	2012-06-26 16:18	2009-10-9	Show	GitHub Exploit DB Packet Storm

241980	4.3	警告	derrick oswald	-	HTML-Parser の decode_entities 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-3627	2012-06-26 16:18	2009-10-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1421	4.7	MEDIUM Local	-	-	The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability (CVE-2026-5061) …	CWE-59 Link Following	CVE-2026-5061	2026-05-14 00:53	2026-05-13	Show	GitHub Exploit DB Packet Storm

1422	6.0	MEDIUM Local	-	-	HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026…	CWE-59 Link Following	CVE-2026-6959	2026-05-14 00:53	2026-05-13	Show	GitHub Exploit DB Packet Storm

1423	8.8	HIGH Network	-	-	HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traversal attack. This vulnerability (CVE-2026-7474) is fixed in Nomad 2.0.1, 1.…	CWE-22 Path Traversal	CVE-2026-7474	2026-05-14 00:53	2026-05-13	Show	GitHub Exploit DB Packet Storm

1424	6.0	MEDIUM Local	-	-	HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026-8…	CWE-59 Link Following	CVE-2026-8052	2026-05-14 00:53	2026-05-13	Show	GitHub Exploit DB Packet Storm

1425	-		-	-	Use after free for some Linux kernel driver for the Intel(R) Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an aut…	CWE-416 Use After Free	CVE-2025-27723	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

1426	-		-	-	Uncontrolled search path for some Intel(R) Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adver…	CWE-427 Uncontrolled Search Path Element	CVE-2025-35969	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

1427	-		-	-	Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Processors within VMX non-root (guest) operation may allow …	-	CVE-2025-35979	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

1428	-		-	-	Improper input validation for some Intel Endpoint Management Assistant (EMA) software before version 1.14.5 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged softwar…	CWE-20 Improper Input Validation	CVE-2025-35990	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

1429	-		-	-	Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with …	CWE-665 Improper Initialization	CVE-2025-35991	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

1430	-		-	-	Improper buffer restrictions for some Display Virtualization for Windows OS driver software within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an authen…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2025-36510	2026-05-14 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm