Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251281	7.5	危険	Lucid Crew	-	Pixie CMS における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4710	2011-12-13 14:53	2011-12-8	Show	GitHub Exploit DB Packet Storm

251282	4.3	警告	Hotaru CMS	-	Hotaru CMS の Search プラグイン内にある Hotaru.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4709	2011-12-13 14:52	2011-12-8	Show	GitHub Exploit DB Packet Storm

251283	4.3	警告	IBM	-	IBM Rational Asset Manager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4708	2011-12-13 14:51	2011-05-5	Show	GitHub Exploit DB Packet Storm

251284	4.3	警告	SAP	-	SAP Netweaver の Virus Scan Interface におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4707	2011-12-13 14:50	2011-12-8	Show	GitHub Exploit DB Packet Storm

251285	5	警告	Igor Sysoev	-	nginx におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-4315	2011-12-13 14:49	2011-11-15	Show	GitHub Exploit DB Packet Storm

251286	7.5	危険	Mambo Foundation	-	Mambo CMS の administrator/index2.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-2917	2011-12-13 14:41	2011-12-8	Show	GitHub Exploit DB Packet Storm

251287	6.8	警告	MIT Kerberos	-	MIT Kerberos の process_tgs_req 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1530	2011-12-13 14:40	2011-12-6	Show	GitHub Exploit DB Packet Storm

251288	6.4	警告	BlackBerry	-	BlackBerry Administration API におけるテキストファイルを読まれる脆弱性	CWE-noinfo 情報不足	CVE-2011-0287	2011-12-13 14:35	2011-07-12	Show	GitHub Exploit DB Packet Storm

251289	6.4	警告	Widelands	-	Widelands におけるパストラバーサル攻撃を誘発される脆弱性	CWE-22 パス・トラバーサル	CVE-2011-4675	2011-12-12 18:21	2011-12-5	Show	GitHub Exploit DB Packet Storm

251290	5	警告	One Click Orgs	-	One Click Orgs のパスワードリセット機能におけるユーザアカウントを列挙される脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-4678	2011-12-12 18:19	2011-12-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3681	9.8	CRITICAL Network	synway	smg_gateway_management_software	Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radius_address POST parameter is split and in…	CWE-78 OS Command	CVE-2025-71284	2026-05-6 03:09	2026-05-1	Show	GitHub Exploit DB Packet Storm

3682	8.0	HIGH Network	jenkins	html_publisher	Jenkins HTML Publisher Plugin 427 and earlier does not escape job name and URL in the legacy wrapper file, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with…	CWE-79 Cross-site Scripting	CVE-2026-42524	2026-05-6 03:06	2026-04-29	Show	GitHub Exploit DB Packet Storm

3683	9.0	CRITICAL Network	jenkins	github	Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature "GitHub hook trigger for GITScm polling", resulting in a…	CWE-79 Cross-site Scripting	CVE-2026-42523	2026-05-6 03:06	2026-04-29	Show	GitHub Exploit DB Packet Storm

3684	5.9	MEDIUM Network	elastic	elastic_package_registry	Improper Verification of Cryptographic Signature (CWE-347) in Elastic Package Registry could allow an attacker positioned to intercept network traffic, or to otherwise influence the contents served t…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-33467	2026-05-6 02:55	2026-04-29	Show	GitHub Exploit DB Packet Storm

3685	4.4	MEDIUM Local	oracle	linux	An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range sh_link field. When root-level dtrace attaches to -- or instruments -- that process (via…	CWE-125 Out-of-bounds Read	CVE-2026-35233	2026-05-6 02:46	2026-05-2	Show	GitHub Exploit DB Packet Storm

3686	5.5	MEDIUM Local	oracle	linux	An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab()	CWE-369 Divide By Zero	CVE-2026-21996	2026-05-6 02:45	2026-05-2	Show	GitHub Exploit DB Packet Storm

3687	7.3	HIGH Network	gnu	glibc	The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write w…	CWE-787 Out-of-bounds Write	CVE-2026-5435	2026-05-6 02:38	2026-04-28	Show	GitHub Exploit DB Packet Storm

3688	7.8	HIGH Local	kde	kcoreaddons	In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading …	CWE-150 Improper Neutralization of Escape, Meta, or Control Sequences	CVE-2026-41526	2026-05-6 02:25	2026-04-28	Show	GitHub Exploit DB Packet Storm

3689	2.6	LOW Adjacent	-	-	A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function _get_file_id of the file libs/chatchat-server/chatchat/server/api_server/openai_rout…	CWE-310 CWE-330 Cryptographic Issues Use of Insufficiently Random Values	CVE-2026-7847	2026-05-6 02:17	2026-05-6	Show	GitHub Exploit DB Packet Storm

3690	5.9	MEDIUM Network	-	-	A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with a…	CWE-120 Classic Buffer Overflow	CVE-2026-34956	2026-05-6 02:17	2026-05-6	Show	GitHub Exploit DB Packet Storm