Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3191 8.8 重要
Local 		neutrinolabs xrdp neutrinolabsのxrdpにおける削除された特権に対する不適切なチェックに関する脆弱性 CWE-273
削除された特権に対する不適切なチェック 		CVE-2026-32107 2026-04-28 10:13 2026-04-17 Show GitHub Exploit DB Packet Storm
3192 8.1 重要
Network 		neutrinolabs xrdp neutrinolabsのxrdpにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-32623 2026-04-28 10:13 2026-04-17 Show GitHub Exploit DB Packet Storm
3193 6.5 警告
Network 		neutrinolabs xrdp neutrinolabsのxrdpにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-32624 2026-04-28 10:13 2026-04-17 Show GitHub Exploit DB Packet Storm
3194 6.3 警告
Network 		neutrinolabs xrdp neutrinolabsのxrdpにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-33145 2026-04-28 10:13 2026-04-17 Show GitHub Exploit DB Packet Storm
3195 9.1 緊急
Network 		neutrinolabs xrdp neutrinolabsのxrdpにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-33516 2026-04-28 10:13 2026-04-17 Show GitHub Exploit DB Packet Storm
3196 9.1 緊急
Network 		neutrinolabs xrdp neutrinolabsのxrdpにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-33689 2026-04-28 10:13 2026-04-17 Show GitHub Exploit DB Packet Storm
3197 2.9
Local 		オラクル Oracle GraalVM for JDK
Oracle GraalVM
JRE
JDK 		オラクルのOracle GraalVM等の複数製品における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-34268 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
3198 9.8 緊急
Network 		オラクル Oracle Advanced Inbound Telephony オラクルのOracle Advanced Inbound Telephonyにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-34275 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
3199 7.5 重要
Network 		オラクル Oracle GraalVM for JDK
Oracle GraalVM
JRE
JDK 		オラクルのOracle GraalVM等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-34282 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
3200 2.4
Network 		オラクル Oracle Database オラクルのOracle Databaseにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-34312 2026-04-28 10:13 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314931 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer deref in dcn20_resource.c Fixes a hang thats triggered when MPV is run on a DCN401 dGPU: mpv -… CWE-476
 NULL Pointer Dereference 		CVE-2024-43899 2024-08-27 23:38 2024-08-26 Show GitHub Exploit DB Packet Storm
314932 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb() syzkaller reported use-after-free in load_firmware_cb() [1]. The reason… CWE-416
 Use After Free 		CVE-2024-43900 2024-08-27 23:38 2024-08-26 Show GitHub Exploit DB Packet Storm
314933 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padata_mt_helper() We are hit with a not easily reproducible divide-by-0 panic in padat… CWE-369
 Divide By Zero 		CVE-2024-43889 2024-08-27 23:38 2024-08-26 Show GitHub Exploit DB Packet Storm
314934 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: mm: list_lru: fix UAF for memory cgroup The mem_cgroup_from_slab_obj() is supposed to be called under rcu lock or cgroup_mutex or… CWE-416
 Use After Free 		CVE-2024-43888 2024-08-27 23:37 2024-08-26 Show GitHub Exploit DB Packet Storm
314935 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check in resource_log_pipe_topology_update [WHY] When switching from "Extend" to "Second Display Only" … CWE-476
 NULL Pointer Dereference 		CVE-2024-43886 2024-08-27 23:37 2024-08-26 Show GitHub Exploit DB Packet Storm
314936 8.8 HIGH
Network 		zohocorp manageengine_adaudit_plus Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option. CWE-89
SQL Injection 		CVE-2024-5586 2024-08-27 23:37 2024-08-23 Show GitHub Exploit DB Packet Storm
314937 8.8 HIGH
Network 		zohocorp manageengine_adaudit_plus Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module. CWE-89
SQL Injection 		CVE-2024-5556 2024-08-27 23:36 2024-08-23 Show GitHub Exploit DB Packet Storm
314938 8.8 HIGH
Network 		zohocorp manageengine_adaudit_plus Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option. CWE-89
SQL Injection 		CVE-2024-5490 2024-08-27 23:36 2024-08-23 Show GitHub Exploit DB Packet Storm
314939 - - - A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the… - CVE-2024-42816 2024-08-27 23:35 2024-08-27 Show GitHub Exploit DB Packet Storm
314940 6.1 MEDIUM
Network 		zohocorp manageengine_servicedesk_plus_msp
manageengine_servicedesk_plus
manageengine_supportcenter_plus 		An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions… CWE-79
Cross-site Scripting 		CVE-2024-41150 2024-08-27 23:35 2024-08-24 Show GitHub Exploit DB Packet Storm