Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 12:10 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226861 5 警告 skulltag team - Skulltag におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2748 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
226862 4.3 警告 vBulletin Solutions, Inc. - vBulletin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2744 2012-12-20 18:52 2008-06-9 Show GitHub Exploit DB Packet Storm
226863 4.3 警告 Xerox - Xerox 4110 などの Copier/Printers の組み込み Web サーバにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2743 2012-12-20 18:52 2008-06-12 Show GitHub Exploit DB Packet Storm
226864 4.3 警告 TYPO3 Association - TYPO3 の fe_adminlib.inc におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2718 2012-12-20 18:52 2008-06-16 Show GitHub Exploit DB Packet Storm
226865 9.3 危険 サン・マイクロシステムズ - Sun Java System AM における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-2705 2012-12-20 18:52 2008-06-11 Show GitHub Exploit DB Packet Storm
226866 4.3 警告 web-album - WEBalbum の photo_add-c.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2698 2012-12-20 18:52 2008-06-13 Show GitHub Exploit DB Packet Storm
226867 7.5 危険 phpinv - phpInv の entry.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2695 2012-12-20 18:52 2008-06-13 Show GitHub Exploit DB Packet Storm
226868 4.3 警告 phpinv - phpInv の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2694 2012-12-20 18:52 2008-06-13 Show GitHub Exploit DB Packet Storm
226869 7.5 危険 PilotCart - ASPilot Pilot Cart の pilot.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2688 2012-12-20 18:52 2008-06-13 Show GitHub Exploit DB Packet Storm
226870 7.5 危険 promanager - ProManager の inc/config.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2687 2012-12-20 18:52 2008-06-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
341 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections syzbot reported a general protection fault in vidt… Update CWE-476
 NULL Pointer Dereference 		CVE-2026-31599 2026-04-30 05:12 2026-04-25 Show GitHub Exploit DB Packet Storm
342 7.5 HIGH
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible deadlock between unlink and dio_end_io_write ocfs2_unlink takes orphan dir inode_lock first and then ip_alloc… Update CWE-667
 Improper Locking 		CVE-2026-31598 2026-04-30 05:10 2026-04-25 Show GitHub Exploit DB Packet Storm
343 9.8 CRITICAL
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list() smb_direct_flush_send_list() already… Update CWE-415
 Double Free 		CVE-2026-31608 2026-04-30 05:03 2026-04-25 Show GitHub Exploit DB Packet Storm
344 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_hid: don't call cdev_init while cdev in use When calling unbind, then bind again, cdev_init reinitialized the cdev… Update NVD-CWE-noinfo
CVE-2026-31606 2026-04-30 05:00 2026-04-25 Show GitHub Exploit DB Packet Storm
345 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO Much like commit 19f953e74356 ("fbdev: fb_pm2fb: Avoid potential divide… Update CWE-369
 Divide By Zero 		CVE-2026-31605 2026-04-30 04:36 2026-04-25 Show GitHub Exploit DB Packet Storm
346 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while … Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-31604 2026-04-30 04:21 2026-04-25 Show GitHub Exploit DB Packet Storm
347 8.0 HIGH
Network 		microsoft power_apps Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network. Update CWE-427
 Uncontrolled Search Path Element 		CVE-2026-32172 2026-04-30 04:11 2026-04-24 Show GitHub Exploit DB Packet Storm
348 10.0 CRITICAL
Network 		microsoft purview_ediscovery Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network. Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-26150 2026-04-30 04:10 2026-04-24 Show GitHub Exploit DB Packet Storm
349 9.8 CRITICAL
Network 		apache mina Apache MINA's AbstractIoBuffer.resolveClass() contains two branches, one of them (for static classes or primitive types) does not check the class at all, bypassing the classname allowlist and allowin… Update CWE-502
 Deserialization of Untrusted Data 		CVE-2026-41635 2026-04-30 04:08 2026-04-27 Show GitHub Exploit DB Packet Storm
350 9.8 CRITICAL
Network 		apache mina The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a static initializer in… Update CWE-502
 Deserialization of Untrusted Data 		CVE-2026-41409 2026-04-30 04:08 2026-04-27 Show GitHub Exploit DB Packet Storm