Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228621	4.3	警告	tinx cms	-	TinX/cms の admin/objects/obj_image.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2975	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

228622	7.5	危険	yektaweb	-	AWT YEKTA におけるセッションをハイジャックされる脆弱性	CWE-20 不適切な入力確認	CVE-2008-2970	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

228623	5	警告	yektaweb	-	AWT YEKTA の download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-2969	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

228624	7.5	危険	yektaweb	-	AWT YEKTA の rating.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2968	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

228625	4.3	警告	yektaweb	-	AWT YEKTA におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2967	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

228626	7.5	危険	researchguide	-	ResearchGuide の guide.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-2964	2012-12-20 18:52	2008-07-2	Show	GitHub Exploit DB Packet Storm

228627	2.6	注意	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-2960	2012-12-20 18:52	2008-06-23	Show	GitHub Exploit DB Packet Storm

228628	5.8	警告	Edgewall Software	-	Trac の検索スクリプトにおけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2008-2951	2012-12-20 18:52	2008-07-27	Show	GitHub Exploit DB Packet Storm

228629	7.5	危険	freedesktop.org	-	Poppler の libpoppler における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2008-2950	2012-12-20 18:52	2008-07-7	Show	GitHub Exploit DB Packet Storm

228630	7.5	危険	サン・マイクロシステムズ	-	Sun Java System Access Manager および Sun Java System Identity Server における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2008-2945	2012-12-20 18:52	2008-06-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2921	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_ppe: avoid NULL deref when gmac0 is disabled If the gmac0 is disabled, the precheck for a valid ingress device…	CWE-476 NULL Pointer Dereference	CVE-2026-31736	2026-05-8 01:53	2026-05-2	Show	GitHub Exploit DB Packet Storm

2922	8.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: iommupt: Fix short gather if the unmap goes into a large mapping unmap has the odd behavior that it can unmap more than requested…	NVD-CWE-noinfo	CVE-2026-31735	2026-05-8 01:52	2026-05-2	Show	GitHub Exploit DB Packet Storm

2923	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix is_bpf_migration_disabled() false negative on non-PREEMPT_RCU Since commit 8e4f0b1ebcf2 ("bpf: use rcu_read_lock_d…	NVD-CWE-noinfo	CVE-2026-31734	2026-05-8 01:50	2026-05-2	Show	GitHub Exploit DB Packet Storm

2924	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix stale direct dispatch state in ddsp_dsq_id @p->scx.ddsp_dsq_id can be left set (non-SCX_DSQ_INVALID) triggering a …	NVD-CWE-noinfo	CVE-2026-31733	2026-05-8 01:44	2026-05-2	Show	GitHub Exploit DB Packet Storm

2925	5.7	MEDIUM Network	hcltech	bigfix_service_management	HHCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability. This could lead to unauthorized changes or exposure of sensitive data.	CWE-352 Origin Validation Error	CVE-2025-31957	2026-05-8 01:35	2026-05-7	Show	GitHub Exploit DB Packet Storm

2926	3.5	LOW Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentio…	CWE-1230 Exposure of Sensitive Information Through Metadata	CVE-2025-31959	2026-05-8 01:35	2026-05-7	Show	GitHub Exploit DB Packet Storm

2927	5.3	MEDIUM Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially a…	CWE-200 Information Exposure	CVE-2025-31975	2026-05-8 01:33	2026-05-7	Show	GitHub Exploit DB Packet Storm

2928	7.5	HIGH Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to…	CWE-200 CWE-522 Information Exposure Insufficiently Protected Credentials	CVE-2025-31976	2026-05-8 01:30	2026-05-7	Show	GitHub Exploit DB Packet Storm

2929	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe ("usb: gadget: uvc: allow for application t…	CWE-476 NULL Pointer Dereference	CVE-2026-31726	2026-05-8 01:26	2026-05-2	Show	GitHub Exploit DB Packet Storm

2930	4.6	MEDIUM Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) does not adequately sanitize or safely render spreadsheet files (CSV, XLS, XLSX) before processing or distributing them. An attacker could populate data fields whic…	CWE-201 Insertion of Sensitive Information Into Sent Data	CVE-2025-31978	2026-05-8 01:26	2026-05-7	Show	GitHub Exploit DB Packet Storm