Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225841 5 警告 Wireshark - Wireshark の GSM A RR 解析子におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-3242 2012-12-20 19:28 2009-09-15 Show GitHub Exploit DB Packet Storm
225842 7.8 危険 Wireshark - Wireshark の OpcUa 解析子におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-3241 2012-12-20 19:28 2009-09-15 Show GitHub Exploit DB Packet Storm
225843 7.5 危険 Tecnick.com - AIOCP の cp_html2txt.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3220 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
225844 6.8 警告 the-ghost - AWCM の a.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-3219 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
225845 6.8 警告 the-ghost - AWCM の control/login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3218 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
225846 7.5 危険 wiccle - iWiccle の admin モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3217 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
225847 4.3 警告 wiccle - iWiccle におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-3216 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
225848 3.6 注意 Vtiger - vtiger CRM におけるパーミッション回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3257 2012-12-20 19:28 2008-02-6 Show GitHub Exploit DB Packet Storm
225849 4 警告 Vtiger - vtiger CRM の include/utils/ListViewUtils.php における制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3251 2012-12-20 19:28 2007-10-4 Show GitHub Exploit DB Packet Storm
225850 7.5 危険 php-shop-system - Joomla! 用の IXXO Cart コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3215 2012-12-20 19:28 2009-09-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
891 5.9 MEDIUM
Network 		- - OpenTelemetry.Resources.Azure is the .NET resource detector for Azure environments. In versions 1.15.0-beta.1 and earlier, the AzureVmMetaDataRequestor class makes HTTP requests to the Azure VM insta… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-41483 2026-05-8 00:04 2026-05-7 Show GitHub Exploit DB Packet Storm
892 5.3 MEDIUM
Adjacent 		- - OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to the configured back-end or collecto… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-41484 2026-05-8 00:04 2026-05-7 Show GitHub Exploit DB Packet Storm
893 - - - xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior,… New CWE-91
Blind XPath Injection 		CVE-2026-41674 2026-05-8 00:02 2026-05-7 Show GitHub Exploit DB Packet Storm
894 9.8 CRITICAL
Network 		- - vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and… Update CWE-94
CWE-693
Code Injection
 Protection Mechanism Failure 		CVE-2026-24118 2026-05-8 00:00 2026-05-5 Show GitHub Exploit DB Packet Storm
895 9.8 CRITICAL
Network 		- - vm2 is an open source vm/sandbox for Node.js. Prior to version 3.10.5, the fix for CVE-2023-37466 is insufficient and can be circumvented allowing attackers to write code which can escape from the VM… Update CWE-94
CWE-693
Code Injection
 Protection Mechanism Failure 		CVE-2026-24120 2026-05-8 00:00 2026-05-5 Show GitHub Exploit DB Packet Storm
896 9.8 CRITICAL
Network 		- - vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can es… Update CWE-94
CWE-693
Code Injection
 Protection Mechanism Failure 		CVE-2026-24781 2026-05-8 00:00 2026-05-5 Show GitHub Exploit DB Packet Storm
897 9.8 CRITICAL
Network 		- - vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerable to full sandbox escape with arbitrary code execution. Attacker code inside VM.run() obtains host process object and … Update CWE-693
 Protection Mechanism Failure 		CVE-2026-26956 2026-05-8 00:00 2026-05-5 Show GitHub Exploit DB Packet Storm
898 8.8 HIGH
Network 		hcltech bigfix_service_management HCL BigFix Service Management (SM) is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses… New CWE-200
Information Exposure 		CVE-2025-52613 2026-05-7 23:59 2026-05-7 Show GitHub Exploit DB Packet Storm
899 6.5 MEDIUM
Network 		- - Incus is a system container and virtual machine manager. Prior to version 7.0.0, a missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a trunca… New CWE-476
 NULL Pointer Dereference 		CVE-2026-41647 2026-05-7 23:59 2026-05-7 Show GitHub Exploit DB Packet Storm
900 6.5 MEDIUM
Network 		- - Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo() trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy bac… New CWE-476
 NULL Pointer Dereference 		CVE-2026-41684 2026-05-7 23:59 2026-05-7 Show GitHub Exploit DB Packet Storm