Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226951	7.5	危険	PreProject.com	-	Pre Classified Listings ASP の detailad.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1370	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

226952	7.5	危険	PreProject.com	-	Pre Classified Listings ASP の signup.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1369	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

226953	4.3	警告	Uiga	-	Uiga Fan Club の admin/admin_login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1367	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

226954	7.5	危険	Uiga	-	Uiga Fan Club の admin/admin_login.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1366	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

226955	7.5	危険	Uiga	-	Uiga Fan Club の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1365	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

226956	7.5	危険	Uiga	-	Uiga Personal Portal の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1364	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

226957	2.1	注意	ron jerome	-	Drupal 用の Bibliography モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1358	2012-12-20 19:29	2010-01-13	Show	GitHub Exploit DB Packet Storm

226958	4.3	警告	sbddirectorysoftware	-	SBD Directory Software の editors/logindialogue.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1357	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

226959	10	危険	vsecurity	-	TANDBERG VCS における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-1356	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

226960	4.3	警告	vsecurity	-	TANDBERG VCS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1355	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3091	5.3	MEDIUM Network	sandboxie-plus	sandboxie	Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high…	CWE-328 Use of Weak Hash	CVE-2026-34527	2026-05-9 04:17	2026-05-6	Show	GitHub Exploit DB Packet Storm

3092	9.8	CRITICAL Network	vm2_project	vm2	vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerable to full sandbox escape with arbitrary code execution. Attacker code inside VM.run() obtains host process object and …	CWE-693 Protection Mechanism Failure	CVE-2026-26956	2026-05-9 04:15	2026-05-5	Show	GitHub Exploit DB Packet Storm

3093	7.1	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate() Although it is guided that `#mbox-cells` must be at least 1, there…	CWE-125 Out-of-bounds Read	CVE-2026-43281	2026-05-9 04:13	2026-05-6	Show	GitHub Exploit DB Packet Storm

3094	8.8	HIGH Network	jupyter	jupyter_server	Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured root_d…	CWE-22 Path Traversal	CVE-2026-35397	2026-05-9 04:11	2026-05-6	Show	GitHub Exploit DB Packet Storm

3095	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix potential NULL pointer dereference in ionic_query_port The function ionic_query_port() calls ib_device_get_netdev…	CWE-476 NULL Pointer Dereference	CVE-2026-43282	2026-05-9 04:09	2026-05-6	Show	GitHub Exploit DB Packet Storm

3096	7.5	HIGH Network	thecodingmachine	gotenberg	Gotenberg is an API-based document conversion tool. In versions 8.30.1 and earlier, the default private-IP deny-lists for the --webhook-deny-list and --api-download-from-deny-list flags use a case-se…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-40280	2026-05-9 04:06	2026-05-6	Show	GitHub Exploit DB Packet Storm

3097	7.8	HIGH Local	osgeo	gdal	A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName lead…	CWE-119 CWE-122 Incorrect Access of Indexable Resource ('Range Error') Heap-based Buffer Overflow	CVE-2026-8086	2026-05-9 04:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

3098	7.8	HIGH Local	osgeo	gdal	A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldNam…	CWE-119 CWE-122 Incorrect Access of Indexable Resource ('Range Error') Heap-based Buffer Overflow	CVE-2026-8087	2026-05-9 04:03	2026-05-8	Show	GitHub Exploit DB Packet Storm

3099	7.2	HIGH Network	thecodingmachine	gotenberg	Gotenberg is an API-based document conversion tool. In version 8.29.1, an unauthenticated attacker with network access can force the server to make outbound HTTP POST requests to arbitrary internal o…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-39383	2026-05-9 04:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

3100	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix DMA corruption on long hmac keys When a key longer than block size is supplied, it is copied and then hashed i…	NVD-CWE-noinfo	CVE-2026-43044	2026-05-9 03:58	2026-05-2	Show	GitHub Exploit DB Packet Storm