Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224711	6.8	警告	NVIDIA	-	Windows 上で稼働する NVIDIA ドライバにおける権限を取得される脆弱性	CWE-DesignError	CVE-2013-0111	2013-04-10 14:32	2013-02-15	Show	GitHub Exploit DB Packet Storm

224712	6.8	警告	NVIDIA	-	Windows 上で稼働する NVIDIA ドライバにおける権限を取得される脆弱性	CWE-DesignError	CVE-2013-0110	2013-04-10 14:32	2013-02-15	Show	GitHub Exploit DB Packet Storm

224713	7.2	危険	NVIDIA	-	NVIDIA ディスプレイドライバサービスの NVIDIA ドライバにおける権限を取得される脆弱性	CWE-119 バッファエラー	CVE-2013-0109	2013-04-10 14:26	2013-02-15	Show	GitHub Exploit DB Packet Storm

224714	7.5	危険	chatelao	-	PHP Address Book におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2778	2013-04-10 14:20	2013-04-5	Show	GitHub Exploit DB Packet Storm

224715	7.5	危険	chatelao	-	PHP Address Book に SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-0135	2013-04-10 12:40	2013-04-8	Show	GitHub Exploit DB Packet Storm

224716	7.1	危険	NVIDIA	-	NVIDIA 製ビデオカードのディスプレイドライバにバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-0131	2013-04-10 12:23	2013-04-8	Show	GitHub Exploit DB Packet Storm

224717	4.3	警告	ARM Ltd. (旧 Offspark)	-	PolarSSL の SSL モジュールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-1621	2013-04-9 17:08	2013-02-2	Show	GitHub Exploit DB Packet Storm

224718	2.9	注意	Wireshark	-	Wireshark の DCP-ETSI 解析機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-1581	2013-04-9 17:02	2013-01-29	Show	GitHub Exploit DB Packet Storm

224719	2.9	注意	Wireshark	-	Wireshark の DOCSIS CM-STATUS 解析機能におけるサービス運用妨害 (無限ループ) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-1580	2013-04-9 16:57	2013-01-29	Show	GitHub Exploit DB Packet Storm

224720	2.9	注意	Wireshark	-	Wireshark の CLNP 解析機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-189 数値処理の問題	CVE-2013-1582	2013-04-9 16:55	2013-01-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
111	7.7	HIGH Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a Server-Side Request Forgery (SSRF) vulnerability exists in _process_picture_url() … New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45338	2026-05-16 08:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

112	8.5	HIGH Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, validate_url() in backend/open_webui/retrieval/web/utils.py calls validators.ipv6(ip… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45331	2026-05-16 08:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

113	9.1	CRITICAL Network	-	-	phpMyFAQ before 4.1.2 contains an improper restriction of excessive authentication attempts vulnerability in the /admin/check endpoint, which accepts arbitrary user-id parameters without session bind… New	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2026-45010	2026-05-16 08:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

114	6.5	MEDIUM Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, in standard channels (i.e., channels whose channel.type is neither group nor dm), th… New	CWE-862 Missing Authorization	CVE-2026-44571	2026-05-16 08:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

115	6.5	MEDIUM Network	-	-	Imager versions through 1.030 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. Imager::File::GIF's i_readgif_multi_low allocates a single per-row buffer GifRow sized… New	CWE-787 Out-of-bounds Write	CVE-2026-8669	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

116	5.3	MEDIUM Local	-	-	Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. Imager::File::GIF's i_readgif_multi_low allocates a single per-row buffer G… New	CWE-787 Out-of-bounds Write	CVE-2026-8454	2026-05-16 07:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

117	-		-	-	Trog::TOTP versions before 1.006 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage. New	CWE-331 Insufficient Entropy	CVE-2026-46474	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

118	5.4	MEDIUM Network	-	-	phpMyFAQ before 4.1.2 contains a missing authorization vulnerability in the DELETE /admin/api/content/tags/{tagId} endpoint that allows any authenticated user to delete tags. Any logged-in user, incl… New	CWE-862 Missing Authorization	CVE-2026-46365	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

119	7.5	HIGH Network	-	-	phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attac… New	CWE-89 SQL Injection	CVE-2026-46359	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

120	8.0	HIGH Network	-	-	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user can permanently delete files owned by other users via DELETE … New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-45671	2026-05-16 07:16	2026-05-16	Show	GitHub Exploit DB Packet Storm