Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227031 7.5 危険 Mike Jolley - WordPress 用の Download Monitor プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2034 2012-12-20 18:52 2008-04-30 Show GitHub Exploit DB Packet Storm
227032 7.5 危険 WordPress.org - WordPress 用の Spreadsheet プラグインの ss_load.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1982 2012-12-20 18:52 2008-04-27 Show GitHub Exploit DB Packet Storm
227033 7.5 危険 phphq - phShoutBox Final における権限を取得される脆弱性 CWE-287
不適切な認証 		CVE-2008-1971 2012-12-20 18:52 2008-04-27 Show GitHub Exploit DB Packet Storm
227034 7.5 危険 quate - Quate Grape Web Statistics の includes/functions.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1963 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
227035 7.5 危険 sipp - SIPp の call.cpp の get_remote_video_port_media 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1959 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
227036 4.3 警告 wikepage - Wikepage Opus の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1956 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
227037 4.3 警告 Toocharger - Martin BOUCHER MyBoard の rep.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1955 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
227038 7.5 危険 webcalendar - Web Calendar Pro の one_day.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1954 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
227039 6.8 警告 Realtek Semiconductor Corp - Windows Vista 上で稼動している Realtek HD Audio Codec Drivers RTKVHDA.sys などにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2008-1932 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
227040 6.8 警告 Realtek Semiconductor Corp - Windows Vista 上で稼動している Realtek HD Audio Codec Drivers RTKVHDA.sys および RTKVHDA64.sys におけるレジストリキーを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-1931 2012-12-20 18:52 2008-04-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
951 5.0 MEDIUM
Network 		- - A vulnerability was found in Grav CMS up to 1.7.49.5/2.0.0-beta.1. Affected by this vulnerability is the function FileCache::doGet of the file system/src/Grav/Framework/Cache/Adapter/FileCache.php of… New CWE-20
CWE-502
 Improper Input Validation 
 Deserialization of Untrusted Data 		CVE-2026-7317 2026-04-29 10:00 2026-04-29 Show GitHub Exploit DB Packet Storm
952 - - - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. New - CVE-2026-5822 2026-04-29 08:16 2026-04-29 Show GitHub Exploit DB Packet Storm
953 6.5 MEDIUM
Network 		- - The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing… New CWE-126
 Buffer Over-read 		CVE-2026-6238 2026-04-29 07:16 2026-04-29 Show GitHub Exploit DB Packet Storm
954 4.7 MEDIUM
Local 		- - Mojic is a CLI tool to transform readable C code into an unrecognizable chaotic stream of emojis. Prior to 2.1.4, the CipherEngine uses a standard equality operator (!==) to verify the HMAC-SHA256 in… Update CWE-208
 Information Exposure Through Timing Discrepancy 		CVE-2026-41244 2026-04-29 06:18 2026-04-25 Show GitHub Exploit DB Packet Storm
955 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: NFC: nxp-nci: allow GPIOs to sleep Allow the firmware and enable GPIOs to sleep. This fixes a `WARN_ON' and allows the driver to… Update NVD-CWE-noinfo
CVE-2026-31545 2026-04-29 05:53 2026-04-25 Show GitHub Exploit DB Packet Storm
956 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bond_debug_rlb_hash_show rlb_clear_slave intentionally keeps RLB hash-table entries on the rx_has… Update CWE-476
 NULL Pointer Dereference 		CVE-2026-31546 2026-04-29 05:48 2026-04-25 Show GitHub Exploit DB Packet Storm
957 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix nfeeds state corruption on start_streaming failure syzbot reported a memory leak in vidtv_psi_service_desc_init… Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-31585 2026-04-29 05:47 2026-04-25 Show GitHub Exploit DB Packet Storm
958 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() cgwb_release_workfn() calls css_put(wb->blkcg_css) and then later acc… Update CWE-416
 Use After Free 		CVE-2026-31586 2026-04-29 05:45 2026-04-25 Show GitHub Exploit DB Packet Storm
959 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm: move component registration to unmanaged version q6apm component registers dais dynamically from ASoC toplolog… Update CWE-416
 Use After Free 		CVE-2026-31587 2026-04-29 05:44 2026-04-25 Show GitHub Exploit DB Packet Storm
960 8.9 HIGH
Network 		github enterprise_server A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variables from the instance through a timing si… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-5921 2026-04-29 05:43 2026-04-22 Show GitHub Exploit DB Packet Storm