Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227101	7.5	危険	phpkf	-	phpKF の forum_duzen.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6443	2012-12-20 19:10	2009-03-9	Show	GitHub Exploit DB Packet Storm

227102	5.8	警告	sina	-	Sina Inc. DLoader Class ActiveX コントロールにおける任意のファイルを上書きされる脆弱性	CWE-Other その他	CVE-2008-6442	2012-12-20 19:10	2009-03-9	Show	GitHub Exploit DB Packet Storm

227103	4.3	警告	phpsqlitecms	-	phpSQLiteCMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-6435	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227104	7.5	危険	psychostats	-	PsychoStats における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6422	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227105	7.5	危険	socialsitegenerator	-	Social Site Generator の social_game_play.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-6421	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227106	5	警告	socialsitegenerator	-	Social Site Generator における任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2008-6420	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227107	7.5	危険	socialsitegenerator	-	Social Site Generator における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6419	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227108	7.5	危険	torrenttrader	-	TorrentTrader の scrape.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-6418	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227109	10	危険	Youngzsoft	-	YoungZSoft CCProxy におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-6415	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

227110	7.5	危険	vignette	-	Vignette Content Management における管理者権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2008-6412	2012-12-20 19:10	2009-03-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2491	8.8	HIGH Network	google	chrome	Use after free in Codecs in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)	CWE-416 Use After Free	CVE-2026-7348	2026-05-1 03:27	2026-04-29	Show	GitHub Exploit DB Packet Storm

2492	8.8	HIGH Network	google	chrome	Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)	CWE-122 Heap-based Buffer Overflow	CVE-2026-7339	2026-05-1 03:26	2026-04-29	Show	GitHub Exploit DB Packet Storm

2493	8.8	HIGH Network	tenda	hg3_firmware	A vulnerability was determined in Tenda HG3 2.0. This vulnerability affects the function formTracert of the file /boaform/formTracert. Executing a manipulation of the argument datasize can lead to co…	CWE-74 CWE-77 Injection Command Injection	CVE-2026-7160	2026-05-1 03:23	2026-04-28	Show	GitHub Exploit DB Packet Storm

2494	8.8	HIGH Network	tenda	hg3_firmware	A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6Routing. This manipulation of the argument destNet causes stack-based buffer ov…	CWE-119 CWE-121 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow	CVE-2026-7151	2026-05-1 03:22	2026-04-28	Show	GitHub Exploit DB Packet Storm

2495	8.8	HIGH Network	tenda	hg3_firmware	A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknown function of the file /boaform/formCountrystr. The manipulation of the argument countrystr results in os command injec…	CWE-77 CWE-78 Command Injection OS Command	CVE-2026-7119	2026-05-1 03:22	2026-04-27	Show	GitHub Exploit DB Packet Storm

2496	6.5	MEDIUM Adjacent	-	-	A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An att…	CWE-843 Type Confusion	CVE-2026-6732	2026-05-1 03:16	2026-04-24	Show	GitHub Exploit DB Packet Storm

2497	6.1	MEDIUM Network	-	-	Cross Site Scripting vulnerability in RafyMrX TOKO-ONLINE-ROTI v.1.0 allows a remote attacker to execute arbitrary code via the detail_produk.php component	CWE-79 Cross-site Scripting	CVE-2026-38940	2026-05-1 03:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

2498	6.1	MEDIUM Network	-	-	Cross Site Scripting vulnerability in andrewtch88 mvc-ecommerce v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the product_catalogue.php component	CWE-79 Cross-site Scripting	CVE-2026-38939	2026-05-1 03:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

2499	10.0	CRITICAL Network	-	-	A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request.	CWE-22 Path Traversal	CVE-2026-36767	2026-05-1 03:16	2026-05-1	Show	GitHub Exploit DB Packet Storm

2500	-		-	-	Multiple authenticated cross-site scripting (XSS) vulnerabilities in the XssHttpServletRequestWrapper class of shopizer v3.2.5 allows attackers to execute arbitrary web scripts or HTML via injecting …	-	CVE-2026-36766	2026-05-1 03:16	2026-05-1	Show	GitHub Exploit DB Packet Storm