Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 12:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230501	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2012-2539	2012-12-17 10:55	2012-12-11	Show	GitHub Exploit DB Packet Storm

230502	6.8	警告	Netsweeper, Inc.	-	Netsweeper の WebAdmin Portal におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-2447	2012-12-17 10:53	2012-07-9	Show	GitHub Exploit DB Packet Storm

230503	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 6 から 10 における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-4781	2012-12-17 10:52	2012-12-11	Show	GitHub Exploit DB Packet Storm

230504	10	危険	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-4786	2012-12-17 10:50	2012-12-11	Show	GitHub Exploit DB Packet Storm

230505	10	危険	マイクロソフト	-	Microsoft Internet Explorer 9 および 10 における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-4787	2012-12-17 10:49	2012-12-11	Show	GitHub Exploit DB Packet Storm

230506	3.5	注意	マイクロソフト	-	Microsoft Exchange Server 2007 および 2010 におけるサービス運用妨害 (DoS) の脆弱性	CWE-94 コード・インジェクション	CVE-2012-4791	2012-12-17 10:47	2012-12-11	Show	GitHub Exploit DB Packet Storm

230507	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2012-5678	2012-12-17 10:45	2012-12-11	Show	GitHub Exploit DB Packet Storm

230508	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-5677	2012-12-17 10:44	2012-12-11	Show	GitHub Exploit DB Packet Storm

230509	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-5676	2012-12-17 10:43	2012-12-11	Show	GitHub Exploit DB Packet Storm

230510	10	危険	Mozilla Foundation	-	複数の Mozilla 製品における任意の JavaScript コードを実行される脆弱性	CWE-DesignError	CVE-2012-1967	2012-12-14 18:33	2012-07-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
461	8.8	HIGH Network	-	-	CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. Update	CWE-89 SQL Injection	CVE-2026-7489	2026-05-6 05:14	2026-05-2	Show	GitHub Exploit DB Packet Storm

462	7.2	HIGH Network	-	-	CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution… Update	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2026-7490	2026-05-6 05:14	2026-05-2	Show	GitHub Exploit DB Packet Storm

463	-		-	-	Incorrect Permission Assignment for Critical Resource vulnerability in ILM Informatique OpenConcerto allows Replace Binaries. This issue affects OpenConcerto: 1.7.5. New	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2026-6499	2026-05-6 05:14	2026-05-4	Show	GitHub Exploit DB Packet Storm

464	-		-	-	Plaintext storage of a password vulnerability in ILM Informatique OpenConcerto allows Retrieve Embedded Sensitive Data. This issue affects OpenConcerto: 1.7.5. New	CWE-256 Plaintext Storage of a Password	CVE-2026-6500	2026-05-6 05:14	2026-05-5	Show	GitHub Exploit DB Packet Storm

465	-		-	-	Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup. This issue affects jOpenDocument: 1.5. New	CWE-611 XXE	CVE-2026-6501	2026-05-6 05:14	2026-05-5	Show	GitHub Exploit DB Packet Storm

466	8.8	HIGH Adjacent	google	android	In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution as… New	CWE-303 Incorrect Implementation of Authentication Algorithm	CVE-2026-0073	2026-05-6 04:54	2026-05-5	Show	GitHub Exploit DB Packet Storm

467	9.8	CRITICAL Network	-	-	Arelle before 2.39.10 contains an unauthenticated remote code execution vulnerability in the /rest/configure REST endpoint that accepts a plugins query parameter and forwards it to the plugin manager… New	CWE-306 Missing Authentication for Critical Function	CVE-2026-42796	2026-05-6 04:50	2026-05-5	Show	GitHub Exploit DB Packet Storm

468	7.1	HIGH Local	-	-	Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal seq… New	CWE-23 Relative Path Traversal	CVE-2026-43616	2026-05-6 04:50	2026-05-5	Show	GitHub Exploit DB Packet Storm

469	7.5	HIGH Network	-	-	Easy PayPal Events & Tickets plugin for WordPress version 1.3 and earlier contain a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated rem… New	CWE-798 Use of Hard-coded Credentials	CVE-2026-32834	2026-05-6 04:47	2026-05-5	Show	GitHub Exploit DB Packet Storm

470	7.5	HIGH Network	-	-	Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier contain an information disclosure vulnerability in the QR code scanning endpoint that allows unauthenticated attackers to en… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-41471	2026-05-6 04:47	2026-05-5	Show	GitHub Exploit DB Packet Storm