Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 28, 2026, 10 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 2691 | 10 |
緊急
Network |
huggingface | smolagents | huggingfaceのsmolagentsにおける複数の脆弱性 |
CWE-74 CWE-94 |
CVE-2026-4963 | 2026-05-7 12:29 | 2026-03-27 | Show | GitHub Exploit DB Packet Storm |
| 2692 | 8.8 |
重要
Network |
Shenzhen Tenda Technology Co.,Ltd. | ch22 ファームウェア | Shenzhen Tenda Technology Co.,Ltd.のch22 ファームウェアにおける複数の脆弱性 |
CWE-119 CWE-121 |
CVE-2026-5154 | 2026-05-7 12:28 | 2026-03-30 | Show | GitHub Exploit DB Packet Storm |
| 2693 | 9.8 |
緊急
Network |
TRENDnet | TEW-713RE FIRMWARE | TRENDnetのTEW-713RE FIRMWAREにおける複数の脆弱性 |
CWE-74 CWE-77 |
CVE-2026-5183 | 2026-05-7 12:28 | 2026-03-31 | Show | GitHub Exploit DB Packet Storm |
| 2694 | 8.8 |
重要
Network |
nothings | stb_truetype.h | nothingsのstb_truetype.hにおける複数の脆弱性 |
CWE-119 CWE-125 |
CVE-2026-5314 | 2026-05-7 12:28 | 2026-04-1 | Show | GitHub Exploit DB Packet Storm |
| 2695 | 8.8 |
重要
Network |
nothings | stb_truetype.h | nothingsのstb_truetype.hにおける複数の脆弱性 |
CWE-119 CWE-125 |
CVE-2026-5315 | 2026-05-7 12:28 | 2026-04-2 | Show | GitHub Exploit DB Packet Storm |
| 2696 | 6.5 |
警告
Network |
nothings | stb vorbis.c | nothingsのstb vorbis.cにおける複数の脆弱性 |
CWE-400 CWE-770 |
CVE-2026-5316 | 2026-05-7 12:28 | 2026-04-2 | Show | GitHub Exploit DB Packet Storm |
| 2697 | 8.8 |
重要
Network |
nothings | stb vorbis.c | nothingsのstb vorbis.cにおける複数の脆弱性 |
CWE-119 CWE-787 |
CVE-2026-5317 | 2026-05-7 12:28 | 2026-04-2 | Show | GitHub Exploit DB Packet Storm |
| 2698 | 8.8 |
重要
Network |
Shenzhen Tenda Technology Co.,Ltd. | ch22 ファームウェア | Shenzhen Tenda Technology Co.,Ltd.のch22 ファームウェアにおける複数の脆弱性 |
CWE-119 CWE-121 |
CVE-2026-5604 | 2026-05-7 12:28 | 2026-04-5 | Show | GitHub Exploit DB Packet Storm |
| 2699 | 8.8 |
重要
Network |
Shenzhen Tenda Technology Co.,Ltd. | ch22 ファームウェア | Shenzhen Tenda Technology Co.,Ltd.のch22 ファームウェアにおける複数の脆弱性 |
CWE-119 CWE-121 |
CVE-2026-5605 | 2026-05-7 12:28 | 2026-04-6 | Show | GitHub Exploit DB Packet Storm |
| 2700 | 8.8 |
重要
Network |
Shenzhen Tenda Technology Co.,Ltd. | HG3 Firmware | Shenzhen Tenda Technology Co.,Ltd.のHG3 Firmwareにおける複数の脆弱性 |
CWE-77 CWE-78 |
CVE-2026-7119 | 2026-05-7 12:28 | 2026-04-27 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 28, 2026, 4:16 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 312911 | 7.5 |
HIGH
Network |
phpoffice | phpspreadsheet | PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file which links media from external URLs. When opening the XLSX fil… |
CWE-918 CWE-36 Server-Side Request Forgery (SSRF) Absolute Path Traversal |
CVE-2024-45290 | 2024-10-17 04:54 | 2024-10-8 | Show | GitHub Exploit DB Packet Storm |
| 312912 | 8.2 |
HIGH
Network |
qualcomm |
qca6574au_firmware qca6574a_firmware qca6564au_firmware qca6564a_firmware mdm9628_firmware |
Information disclosure while parsing the multiple MBSSID IEs from the beacon. |
CWE-125
Out-of-bounds Read |
CVE-2024-33064 | 2024-10-17 04:52 | 2024-10-7 | Show | GitHub Exploit DB Packet Storm |
| 312913 | 7.8 |
HIGH
Local |
qualcomm |
wsa8845h_firmware wsa8845_firmware wsa8840_firmware wsa8835_firmware wsa8830_firmware wsa8815_firmware wsa8810_firmware wcd9385_firmware wcd9380_firmware wcd9375_firmware
Memory corruption while taking snapshot when an offset variable is set by camera driver.
|
NVD-CWE-noinfo
|
CVE-2024-33065
|
2024-10-17 04:50 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 312914 | 9.8 |
CRITICAL
Network |
qualcomm |
snapdragon_x65_5g_modem-rf_system_firmware sdx65m_firmware sdx55_firmware qxm8083_firmware qcn9274_firmware qcn9160_firmware qcn9100_firmware qcn9074_firmware qcn9072_firmware… |
Memory corruption while redirecting log file to any file location with any file name. |
NVD-CWE-noinfo
|
CVE-2024-33066 | 2024-10-17 04:49 | 2024-10-7 | Show | GitHub Exploit DB Packet Storm |
| 312915 | 7.5 |
HIGH
Network |
qualcomm |
wsa8835_firmware wsa8830_firmware wsa8815_firmware wsa8810_firmware wcn3988_firmware wcn3980_firmware wcd9385_firmware wcd9380_firmware sw5100p_firmware sw5100_firmware … |
Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host. |
CWE-416
Use After Free |
CVE-2024-33069 | 2024-10-17 04:48 | 2024-10-7 | Show | GitHub Exploit DB Packet Storm |
| 312916 | 7.5 |
HIGH
Network |
qualcomm |
qca6574au_firmware qca6574a_firmware qca6564au_firmware qca6564a_firmware mdm9628_firmware |
Transient DOS while parsing ESP IE from beacon/probe response frame. |
CWE-125
Out-of-bounds Read |
CVE-2024-33070 | 2024-10-17 04:47 | 2024-10-7 | Show | GitHub Exploit DB Packet Storm |
| 312917 | 7.5 |
HIGH
Network |
qualcomm |
mdm9628_firmware qca6564a_firmware qca6564au_firmware qca6574a_firmware qca6574au_firmware |
Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0. |
CWE-125
Out-of-bounds Read |
CVE-2024-33071 | 2024-10-17 04:41 | 2024-10-7 | Show | GitHub Exploit DB Packet Storm |
| 312918 | - | - | - | An issue in ILIFE com.ilife.home.global 1.8.7 allows a remote attacker to obtain sensitive information via the firmware update process. | - | CVE-2024-48790 | 2024-10-17 04:35 | 2024-10-15 | Show | GitHub Exploit DB Packet Storm | |
| 312919 | - | - | - | Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change usernames via sending a crafted roomAction request to the server. | - | CVE-2024-44734 | 2024-10-17 04:35 | 2024-10-12 | Show | GitHub Exploit DB Packet Storm | |
| 312920 | - | - | - | Incorrect access control in the function handleDataChannelChat(dataMessage) of Mirotalk before commit c21d58 allows attackers to forge chat messages using an arbitrary sender name. | - | CVE-2024-44730 | 2024-10-17 04:35 | 2024-10-12 | Show | GitHub Exploit DB Packet Storm |