Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228311 7.6 危険 XnSoft - XnView におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1461 2012-12-20 18:52 2008-03-24 Show GitHub Exploit DB Packet Storm
228312 2.1 注意 raidsonic technology - RaidSonic NAS-4220-B における暗号鍵を取得される脆弱性 CWE-310
暗号の問題 		CVE-2008-1431 2012-12-20 18:52 2008-03-20 Show GitHub Exploit DB Packet Storm
228313 7.8 危険 silcnet - SILC Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2008-1429 2012-12-20 18:52 2008-03-20 Show GitHub Exploit DB Packet Storm
228314 6.8 警告 phpauction - PHPauction GPL における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-1416 2012-12-20 18:52 2008-03-20 Show GitHub Exploit DB Packet Storm
228315 5 警告 riceball - MTS の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1415 2012-12-20 18:52 2008-03-20 Show GitHub Exploit DB Packet Storm
228316 4.3 警告 riceball - MTS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1414 2012-12-20 18:52 2008-03-20 Show GitHub Exploit DB Packet Storm
228317 4.3 警告 snews - SNewsCMS Rus の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1413 2012-12-20 18:52 2008-03-20 Show GitHub Exploit DB Packet Storm
228318 7.5 危険 phpbp - phpBP の includes/functions/banners-external.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1408 2012-12-20 18:52 2008-03-20 Show GitHub Exploit DB Packet Storm
228319 4.3 警告 Plone Foundation - Plone CMS におけるアカウントへの永久アクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-1396 2012-12-20 18:52 2008-03-19 Show GitHub Exploit DB Packet Storm
228320 7.5 危険 Plone Foundation - Plone CMS におけるログアウトしたセッションを再利用される脆弱性 CWE-287
不適切な認証 		CVE-2008-1395 2012-12-20 18:52 2008-03-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2691 8.5 HIGH
Network 		socialengine socialengine SocialEngine versions 7.8.0 and prior contain a blind server-side request forgery vulnerability in the /core/link/preview endpoint where user-supplied input passed via the uri request parameter is no… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-41461 2026-04-30 05:16 2026-04-24 Show GitHub Exploit DB Packet Storm
2692 9.8 CRITICAL
Network 		socialengine socialengine SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized befo… CWE-89
SQL Injection 		CVE-2026-41460 2026-04-30 05:16 2026-04-24 Show GitHub Exploit DB Packet Storm
2693 6.2 MEDIUM
Local 		apple ipados
iphone_os 		A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2. Notifications marked for deletion could be unexpectedly … CWE-359
 Exposure of Private Personal Information to an Unauthorized Actor 		CVE-2026-28950 2026-04-30 05:16 2026-04-23 Show GitHub Exploit DB Packet Storm
2694 5.1 MEDIUM
Local 		- - EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in thi… CWE-427
 Uncontrolled Search Path Element 		CVE-2025-10549 2026-04-30 05:16 2026-04-23 Show GitHub Exploit DB Packet Storm
2695 4.8 MEDIUM
Network 		- - Due to improper TLS certificate validation in the DeskTime Time Tracking App before version 1.3.674, attackers who can position themselves in the network path between the client and the DeskTime upda… CWE-295
CWE-296
CWE-494
Improper Certificate Validation 
 Improper Following of a Certificate's Chain of Trust
 Download of Code Without Integrity Check 		CVE-2025-10539 2026-04-30 05:16 2026-04-28 Show GitHub Exploit DB Packet Storm
2696 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: vfio/xe: Reorganize the init to decouple migration from reset Attempting to issue reset on VF devices that don't support migratio… NVD-CWE-noinfo
CVE-2026-31601 2026-04-30 05:15 2026-04-25 Show GitHub Exploit DB Packet Storm
2697 7.5 HIGH
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Handle invalid large leaf mappings correctly It has been possible for a long time to mark ptes in the linear map as in… CWE-476
 NULL Pointer Dereference 		CVE-2026-31600 2026-04-30 05:14 2026-04-25 Show GitHub Exploit DB Packet Storm
2698 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections syzbot reported a general protection fault in vidt… CWE-476
 NULL Pointer Dereference 		CVE-2026-31599 2026-04-30 05:12 2026-04-25 Show GitHub Exploit DB Packet Storm
2699 7.5 HIGH
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible deadlock between unlink and dio_end_io_write ocfs2_unlink takes orphan dir inode_lock first and then ip_alloc… CWE-667
 Improper Locking 		CVE-2026-31598 2026-04-30 05:10 2026-04-25 Show GitHub Exploit DB Packet Storm
2700 9.8 CRITICAL
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list() smb_direct_flush_send_list() already… CWE-415
 Double Free 		CVE-2026-31608 2026-04-30 05:03 2026-04-25 Show GitHub Exploit DB Packet Storm