Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252311	2.6	注意	OWASP	-	OWASP HTML Sanitizer おける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-4457	2011-11-21 16:10	2011-11-17	Show	GitHub Exploit DB Packet Storm

252312	7.5	危険	Google	-	Google Chrome で使用される Google V8 におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2011-3900	2011-11-21 16:10	2011-11-16	Show	GitHub Exploit DB Packet Storm

252313	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin の simplexml_load_string 関数における任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2011-4107	2011-11-21 16:08	2011-11-10	Show	GitHub Exploit DB Packet Storm

252314	5	警告	The phpMyAdmin Project	-	phpMyAdmin の phpmyadmin.css.php における重要な情報を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2011-3646	2011-11-21 16:08	2011-10-17	Show	GitHub Exploit DB Packet Storm

252315	5	警告	Squid-cache.org	-	Squid の idnsGrokReply 関数におけるサービス運用妨害 (デーモンの停止) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-4096	2011-11-21 16:05	2011-10-17	Show	GitHub Exploit DB Packet Storm

252316	5	警告	Openswan レッドハット	-	Openswan におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2011-3380	2011-11-21 16:04	2011-10-5	Show	GitHub Exploit DB Packet Storm

252317	4.3	警告	ClamAV	-	ClamAV のバイトコードエンジンにおけるサービス運用妨害 (クラッシュ) の脆弱性	CWE-189 数値処理の問題	CVE-2011-3627	2011-11-21 16:03	2011-11-17	Show	GitHub Exploit DB Packet Storm

252318	4.3	警告	Robert Luberda	-	man2html の man2html.cgi.c におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-2770	2011-11-21 16:01	2011-11-17	Show	GitHub Exploit DB Packet Storm

252319	7.5	危険	ＨＰの回し者	-	ＨＰの回し者製日記における OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2011-4002	2011-11-21 12:02	2011-11-21	Show	GitHub Exploit DB Packet Storm

252320	5	警告	ＨＰの回し者	-	ＨＰの回し者製日記におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-4001	2011-11-21 12:02	2011-11-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3351	-		-	-	CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.5.0, ci4ms Theme::upload extracts u…	CWE-22 Path Traversal	CVE-2026-41203	2026-05-8 00:16	2026-05-7	Show	GitHub Exploit DB Packet Storm

3352	7.1	HIGH Adjacent	-	-	AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotp_continue_receive (receive.c:87-89), the payload_length for a Single Frame is extracted fro…	CWE-126 Buffer Over-read	CVE-2026-37532	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

3353	7.8	HIGH Local	-	-	AGL app-framework-binder (afb-daemon) through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The on_supervision_call function in src/afb-supervision.c explicitl…	CWE-269 Improper Privilege Management	CVE-2026-37525	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

3354	7.8	HIGH Local	-	-	AGL app-framework-binder (afb-daemon) through v19.90.0 allows any local process to execute privileged supervision commands (Exit, Do, Sclose, Config, Trace, Debug, Token, slist) without authenticatio…	CWE-284 Improper Access Control	CVE-2026-37526	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

3355	9.8	CRITICAL Network	-	-	AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation flow. The is_valid_filename fu…	CWE-22 CWE-367 Path Traversal Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-37531	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

3356	3.1	LOW Network	google	chrome	Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted …	CWE-352 CWE-1021 Origin Validation Error Improper Restriction of Rendered UI Layers or Frames	CVE-2026-8022	2026-05-8 00:15	2026-05-7	Show	GitHub Exploit DB Packet Storm

3357	5.5	MEDIUM Local	-	-	Open CASCADE Technology (OCCT) V8_0_0_rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bound…	CWE-125 Out-of-bounds Read	CVE-2026-42481	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

3358	7.5	HIGH Network	-	-	AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The send_diagnostic_request function in uds.c allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD…	CWE-121 Stack-based Buffer Overflow	CVE-2026-37530	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

3359	9.8	CRITICAL Network	-	-	Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Transport_Protocol_Data_Transfer,allows attackers to write to arb…	CWE-191 Integer Underflow (Wrap or Wraparound)	CVE-2026-37534	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm

3360	10.0	CRITICAL Network	-	-	Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_gvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers t…	CWE-121 Stack-based Buffer Overflow	CVE-2026-37541	2026-05-8 00:15	2026-05-2	Show	GitHub Exploit DB Packet Storm