Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226381 4.3 警告 phpf1 - Max's Guestbook の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6359 2012-12-20 19:10 2009-03-2 Show GitHub Exploit DB Packet Storm
226382 7.5 危険 socialgroupie - Social Groupie の group_index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6358 2012-12-20 19:10 2009-03-2 Show GitHub Exploit DB Packet Storm
226383 5 警告 the net guys - The Net Guys ASPired2Protect におけるユーザ名などを含むデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6355 2012-12-20 19:10 2009-03-2 Show GitHub Exploit DB Packet Storm
226384 5 警告 the net guys - The Net Guys ASPired2poll におけるユーザ名などを含むデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6354 2012-12-20 19:10 2009-03-2 Show GitHub Exploit DB Packet Storm
226385 7.5 危険 xpoze - Xpoze Pro の home.html における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6352 2012-12-20 19:10 2009-03-2 Show GitHub Exploit DB Packet Storm
226386 4.3 警告 turnkeyforms - TurnkeyForms Local Classifieds の listtest.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6351 2012-12-20 19:10 2009-03-2 Show GitHub Exploit DB Packet Storm
226387 7.5 危険 turnkeyforms - TurnkeyForms Local Classifieds の listtest.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6350 2012-12-20 19:10 2009-03-2 Show GitHub Exploit DB Packet Storm
226388 7.5 危険 turnkeyforms - TurnkeyForms Business Survey Pro の survey_results_text.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6349 2012-12-20 19:10 2009-03-2 Show GitHub Exploit DB Packet Storm
226389 4.3 警告 ticklespace - Drupal 用の Answers モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6413 2012-12-20 19:10 2008-09-18 Show GitHub Exploit DB Packet Storm
226390 4.3 警告 sadi samami - Multi Languages WebShop Online の detail.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6267 2012-12-20 19:10 2009-02-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1421 7.3 HIGH
Network 		hashcat hashcat A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The iss… CWE-787
CWE-122
 Out-of-bounds Write
Heap-based Buffer Overflow 		CVE-2026-42483 2026-05-2 03:16 2026-05-1 Show GitHub Exploit DB Packet Storm
1422 7.5 HIGH
Network 		exim exim In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in… CWE-684
 Incorrect Provision of Specified Functionality 		CVE-2026-40684 2026-05-2 03:16 2026-05-1 Show GitHub Exploit DB Packet Storm
1423 5.5 MEDIUM
Local 		wireshark wireshark Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service CWE-1325
 Improperly Controlled Sequential Memory Allocation 		CVE-2026-6535 2026-05-2 03:16 2026-04-30 Show GitHub Exploit DB Packet Storm
1424 5.5 MEDIUM
Local 		wireshark wireshark DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2026-6536 2026-05-2 03:16 2026-04-30 Show GitHub Exploit DB Packet Storm
1425 5.5 MEDIUM
Local 		wireshark wireshark ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service CWE-121
Stack-based Buffer Overflow 		CVE-2026-6537 2026-05-2 03:15 2026-04-30 Show GitHub Exploit DB Packet Storm
1426 5.5 MEDIUM
Local 		wireshark wireshark BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service CWE-121
Stack-based Buffer Overflow 		CVE-2026-6538 2026-05-2 03:15 2026-04-30 Show GitHub Exploit DB Packet Storm
1427 5.5 MEDIUM
Local 		wireshark wireshark SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service CWE-1325
 Improperly Controlled Sequential Memory Allocation 		CVE-2026-6867 2026-05-2 03:15 2026-04-30 Show GitHub Exploit DB Packet Storm
1428 5.5 MEDIUM
Local 		wireshark wireshark WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service CWE-1325
 Improperly Controlled Sequential Memory Allocation 		CVE-2026-6869 2026-05-2 03:15 2026-04-30 Show GitHub Exploit DB Packet Storm
1429 5.5 MEDIUM
Local 		wireshark wireshark GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service CWE-824
 Access of Uninitialized Pointer 		CVE-2026-6870 2026-05-2 03:11 2026-04-30 Show GitHub Exploit DB Packet Storm
1430 7.5 HIGH
Network 		apache neethi Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-prod… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-42402 2026-05-2 03:08 2026-05-1 Show GitHub Exploit DB Packet Storm