Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249211	7.6	危険	マイクロソフト	-	複数の Windows 製品で使用される Microsoft Windows Fax Services Cover Page Editor の CDrawPoly::Serialize 関数におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4701	2012-04-3 10:57	2011-01-20	Show	GitHub Exploit DB Packet Storm

249212	7.8	危険	マイクロソフト	-	複数の Windows 製品の ND プロトコル実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4669	2012-04-3 10:57	2011-01-7	Show	GitHub Exploit DB Packet Storm

249213	9.3	危険	マイクロソフト	-	複数の Windows 製品の DAO ライブラリにおける任意のコードを実行される脆弱性	CWE-Other その他	CVE-2010-4182	2012-04-3 10:57	2010-11-4	Show	GitHub Exploit DB Packet Storm

249214	7.2	危険	マイクロソフト	-	複数の Windows 製品の CreateDIBPalette 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2739	2012-04-3 10:57	2010-09-7	Show	GitHub Exploit DB Packet Storm

249215	7.8	危険	シスコシステムズ	-	Cisco IOS の Zone-Based Firewall の SIP 検査機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-1315	2012-04-2 15:50	2012-03-28	Show	GitHub Exploit DB Packet Storm

249216	7.8	危険	シスコシステムズ	-	Cisco IOS の WAAS Express 機能におけるサービス運用妨害 (メモリ消費またはデバイスリロード) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-1314	2012-04-2 15:48	2012-03-28	Show	GitHub Exploit DB Packet Storm

249217	7.1	危険	シスコシステムズ	-	Cisco IOS の MACE 機能におけるサービス運用妨害 (デバイスリロード) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-1312	2012-04-2 15:46	2012-03-28	Show	GitHub Exploit DB Packet Storm

249218	7.8	危険	シスコシステムズ	-	Cisco IOS の RSVP 機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-1311	2012-04-2 15:45	2012-03-28	Show	GitHub Exploit DB Packet Storm

249219	7.8	危険	シスコシステムズ	-	Cisco IOS の Zone-Based Firewall におけるサービス運用妨害 (メモリ消費またはデバイスリロード) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-1310	2012-04-2 15:42	2012-03-28	Show	GitHub Exploit DB Packet Storm

249220	7.8	危険	シスコシステムズ	-	Cisco IOS の Zone-Based Firewall の H.323 検査機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-0388	2012-04-2 15:41	2012-03-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2371	5.5	MEDIUM Local	m2team	nanazip	NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in NanaZip. The function GetAllPat…	CWE-674 Uncontrolled Recursion	CVE-2026-42445	2026-05-15 00:54	2026-05-13	Show	GitHub Exploit DB Packet Storm

2372	7.0	HIGH Local	microsoft	windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2019 windows_server_2022 windows_server_2022_…	Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.	CWE-367 CWE-416 Time-of-check Time-of-use (TOCTOU) Race Condition Use After Free	CVE-2026-35418	2026-05-15 00:53	2026-05-13	Show	GitHub Exploit DB Packet Storm

2373	-		-	-	Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidenti…	CWE-306 Missing Authentication for Critical Function	CVE-2025-62619	2026-05-15 00:53	2026-05-15	Show	GitHub Exploit DB Packet Storm

2374	-		-	-	Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resource…	CWE-269 Improper Privilege Management	CVE-2025-62625	2026-05-15 00:53	2026-05-15	Show	GitHub Exploit DB Packet Storm

2375	-		-	-	Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged attacker to inject a malicious DLL, potentially resulting in arbitrary code execution.	CWE-427 Uncontrolled Search Path Element	CVE-2025-62628	2026-05-15 00:53	2026-05-15	Show	GitHub Exploit DB Packet Storm

2376	5.5	MEDIUM Local	microsoft	windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2025	Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.	CWE-125 Out-of-bounds Read	CVE-2026-35419	2026-05-15 00:52	2026-05-13	Show	GitHub Exploit DB Packet Storm

2377	7.1	HIGH Local	m2team	nanazip	NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered …	CWE-125 Out-of-bounds Read	CVE-2026-42446	2026-05-15 00:49	2026-05-13	Show	GitHub Exploit DB Packet Storm

2378	7.1	HIGH Network	m2team	nanazip	NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is …	CWE-787 Out-of-bounds Write	CVE-2026-44215	2026-05-15 00:48	2026-05-13	Show	GitHub Exploit DB Packet Storm

2379	8.8	HIGH Adjacent	microsoft	windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w…	Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network.	CWE-122 Heap-based Buffer Overflow	CVE-2026-34329	2026-05-15 00:43	2026-05-13	Show	GitHub Exploit DB Packet Storm

2380	7.5	HIGH Network	vllm	vllm	vLLM is an inference and serving engine for large language models (LLMs). From 0.6.1 to before 0.20.0, there is a a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, tex…	CWE-129 Improper Validation of Array Index	CVE-2026-44222	2026-05-15 00:38	2026-05-13	Show	GitHub Exploit DB Packet Storm