Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
481	9.8	緊急 Network	Apache Software Foundation	MINA	Apache Software FoundationのMINAにおける信頼できないデータのデシリアライゼーションに関する脆弱性 New	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-42779	2026-05-7 12:04	2026-05-1	Show	GitHub Exploit DB Packet Storm

482	7.5	重要 Network	レッドハット GNOME Project	gdk-pixbuf Red Hat Enterprise Linux Server TUS Red Hat Enterprise Linux Server AUS Red Hat Enterprise Linux	GNOME Project等の複数ベンダの製品におけるヒープベースのバッファオーバーフローの脆弱性 New	CWE-122 ヒープオーバーフロー	CVE-2026-5201	2026-05-7 12:04	2026-03-31	Show	GitHub Exploit DB Packet Storm

483	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける再帰制御に関する脆弱性 New	CWE-674 不適切な再帰制御	CVE-2026-5299	2026-05-7 12:04	2026-04-30	Show	GitHub Exploit DB Packet Storm

484	8.4	重要 Local	FreeBSD	FreeBSD	FreeBSDにおける解放済みメモリの使用に関する脆弱性 New	CWE-416 解放済みメモリの使用	CVE-2026-5398	2026-05-7 12:04	2026-04-22	Show	GitHub Exploit DB Packet Storm

485	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける再帰制御に関する脆弱性 New	CWE-674 不適切な再帰制御	CVE-2026-5401	2026-05-7 12:03	2026-04-30	Show	GitHub Exploit DB Packet Storm

486	8.8	重要 Network	Wireshark	Wireshark	Wiresharkにおけるヒープベースのバッファオーバーフローの脆弱性 New	CWE-122 ヒープオーバーフロー	CVE-2026-5402	2026-05-7 12:03	2026-04-30	Show	GitHub Exploit DB Packet Storm

487	7.8	重要 Local	Wireshark	Wireshark	Wiresharkにおける複数の脆弱性 New	CWE-122 CWE-787	CVE-2026-5403	2026-05-7 12:03	2026-05-1	Show	GitHub Exploit DB Packet Storm

488	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける古典的バッファオーバーフローの脆弱性 New	CWE-120 古典的バッファオーバーフロー	CVE-2026-5404	2026-05-7 12:03	2026-05-1	Show	GitHub Exploit DB Packet Storm

489	7.8	重要 Local	Wireshark	Wireshark	Wiresharkにおける複数の脆弱性 New	CWE-122 CWE-787	CVE-2026-5405	2026-05-7 12:03	2026-05-1	Show	GitHub Exploit DB Packet Storm

490	5.5	警告 Local	Wireshark	Wireshark	Wiresharkにおける再帰制御に関する脆弱性 New	CWE-674 不適切な再帰制御	CVE-2026-5406	2026-05-7 12:03	2026-04-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312671	7.5	HIGH Network	dorsettcontrols	infoscan	Dorsett Controls Central Server update server has potential information leaks with an unprotected file that contains passwords and API keys.	NVD-CWE-noinfo	CVE-2024-39287	2024-08-29 23:23	2024-08-9	Show	GitHub Exploit DB Packet Storm

312672	3.7	LOW Network	dorsettcontrols	infoscan	The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure.	CWE-22 Path Traversal	CVE-2024-42408	2024-08-29 23:22	2024-08-9	Show	GitHub Exploit DB Packet Storm

312673	9.0	CRITICAL Network	vrcx-team	vrcx	VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to re…	CWE-79 Cross-site Scripting	CVE-2024-42366	2024-08-29 23:04	2024-08-9	Show	GitHub Exploit DB Packet Storm

312674	4.8	MEDIUM Network	concretecms	concrete_cms	Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName(). A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVS…	CWE-79 Cross-site Scripting	CVE-2024-7394	2024-08-29 22:41	2024-08-9	Show	GitHub Exploit DB Packet Storm

312675	9.8	CRITICAL Network	havocframework	havoc	An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-41570	2024-08-29 22:32	2024-08-12	Show	GitHub Exploit DB Packet Storm

312676	-		-	-	Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentia…	CWE-788 Access of Memory Location After End of Buffer	CVE-2024-38304	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm

312677	-		-	-	Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vu…	CWE-20 Improper Input Validation	CVE-2024-38303	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm

312678	7.2	HIGH Network	-	-	The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'images_array' parameter in versions up to, and including 2.8. This makes it possible for authenticat…	CWE-502 Deserialization of Untrusted Data	CVE-2022-2440	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm

312679	-		-	-	The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. `aws…	-	CVE-2024-45043	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm

312680	-		-	-	Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution vulnerability, which can be exploited to obtain device administrator privileges via the getVar function i…	-	CVE-2024-42905	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm