Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227251	7.8	危険	powerportal	-	PowerPortal におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-4361	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

227252	10	危険	spaw editor	-	SPAW Editor PHP Edtion の class/theme.class.php における脆弱性	CWE-20 不適切な入力確認	CVE-2008-4358	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

227253	7.5	危険	Powie	-	Powie pLink の linkto.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4357	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

227254	7.5	危険	Powie	-	Powie PSCRIPT Forum の showprofil.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4355	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

227255	7.5	危険	phpsmartcom	-	phpSmartCom の inc/pages/viewprofile.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4352	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

227256	7.5	危険	phpsmartcom	-	phpSmartCom の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-4351	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

227257	7.5	危険	vblogix	-	vbLOGIX Tutorial Script の main.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4350	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

227258	4.3	警告	s0nic	-	s0nic Paranews の news.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-4349	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

227259	7.5	危険	Powie	-	Powie pNews の newskom.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-4347	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

227260	7.5	危険	talkback	-	TalkBack におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-4346	2012-12-20 18:52	2008-09-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312431	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb() syzbot reported an UAF in ip6_send_skb() [1] After ip6_local_out() has returned, we no longe…	CWE-416 Use After Free	CVE-2024-44987	2024-09-6 02:53	2024-09-5	Show	GitHub Exploit DB Packet Storm

312432	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: power: supply: rt5033: Bring back i2c_set_clientdata Commit 3a93da231c12 ("power: supply: rt5033: Use devm_power_supply_register(…	NVD-CWE-noinfo	CVE-2024-44936	2024-09-6 02:53	2024-08-26	Show	GitHub Exploit DB Packet Storm

312433	7.8	HIGH Local	overwolf	overwolf	A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unpr…	CWE-427 Uncontrolled Search Path Element	CVE-2024-7834	2024-09-6 02:52	2024-09-4	Show	GitHub Exploit DB Packet Storm

312434	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path Dan Carpenter reported a Smack static checker w…	CWE-476 NULL Pointer Dereference	CVE-2024-42307	2024-09-6 02:49	2024-08-17	Show	GitHub Exploit DB Packet Storm

312435	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: f2fs: let's avoid panic if extent_tree is not created This patch avoids the below panic. pc : __lookup_extent_tree+0xd8/0x760 lr…	NVD-CWE-noinfo	CVE-2022-48877	2024-09-6 02:47	2024-08-21	Show	GitHub Exploit DB Packet Storm

312436	-		-	-	A vulnerability was found in Windmill 1.380.0. It has been classified as problematic. Affected is an unknown function of the file backend/windmill-api/src/users.rs of the component HTTP Request Handl…	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2024-8462	2024-09-6 02:45	2024-09-5	Show	GitHub Exploit DB Packet Storm

312437	-		-	-	SQL Injection vulnerability in ESAFENET CDG 5.6 and before allows an attacker to execute arbitrary code via the id parameter of the data.jsp page.	-	CVE-2024-42885	2024-09-6 02:44	2024-09-6	Show	GitHub Exploit DB Packet Storm

312438	-		-	-	itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombo_save.php via the "menu" parameter.	-	CVE-2024-44587	2024-09-6 02:44	2024-09-5	Show	GitHub Exploit DB Packet Storm

312439	9.8	CRITICAL Network	multivendorx	multivendorx	The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to privilege escalation/de-escalation and account takeover due to an insufficient capab…	CWE-862 Missing Authorization	CVE-2024-8289	2024-09-6 02:41	2024-09-4	Show	GitHub Exploit DB Packet Storm

312440	6.1	MEDIUM Network	raspcontrol_project	raspcontrol	Cross Site Scripting (XSS) vulnerability through the action parameter in index.php. Affected product codebase https://github.com/Bioshox/Raspcontrol and forks such as https://github.com/harmon25/r…	CWE-79 Cross-site Scripting	CVE-2024-8413	2024-09-6 02:40	2024-09-4	Show	GitHub Exploit DB Packet Storm