Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2351	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける型の取り違えに関する脆弱性	CWE-843 型の取り違え	CVE-2026-31502	2026-04-30 12:15	2026-04-22	Show	GitHub Exploit DB Packet Storm

2352	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-31503	2026-04-30 12:15	2026-04-22	Show	GitHub Exploit DB Packet Storm

2353	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-31504	2026-04-30 12:15	2026-04-22	Show	GitHub Exploit DB Packet Storm

2354	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-31505	2026-04-30 12:15	2026-04-22	Show	GitHub Exploit DB Packet Storm

2355	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける二重解放に関する脆弱性	CWE-415 二重解放	CVE-2026-31506	2026-04-30 12:15	2026-04-22	Show	GitHub Exploit DB Packet Storm

2356	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける二重解放に関する脆弱性	CWE-415 二重解放	CVE-2026-31507	2026-04-30 12:14	2026-04-22	Show	GitHub Exploit DB Packet Storm

2357	7.8	重要 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-31508	2026-04-30 12:14	2026-04-22	Show	GitHub Exploit DB Packet Storm

2358	8.8	重要 Network	BMC Software	Control-M Managed File Transfer	BMC SoftwareのControl-M Managed File TransferにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-23780	2026-04-30 12:14	2026-04-10	Show	GitHub Exploit DB Packet Storm

2359	9.8	緊急 Network	BMC Software	Control-M Managed File Transfer	BMC SoftwareのControl-M Managed File Transferにおけるハードコードされた認証情報の使用に関する脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2026-23781	2026-04-30 12:14	2026-04-10	Show	GitHub Exploit DB Packet Storm

2360	7.5	重要 Network	BMC Software	Control-M Managed File Transfer	BMC SoftwareのControl-M Managed File Transferにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-23782	2026-04-30 12:14	2026-04-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
313871	-		-	-	SQL Injection vulnerability in ESAFENET CDG 5.6 and before allows an attacker to execute arbitrary code via the id parameter of the data.jsp page.	-	CVE-2024-42885	2024-09-6 02:44	2024-09-6	Show	GitHub Exploit DB Packet Storm

313872	-		-	-	itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombo_save.php via the "menu" parameter.	-	CVE-2024-44587	2024-09-6 02:44	2024-09-5	Show	GitHub Exploit DB Packet Storm

313873	9.8	CRITICAL Network	multivendorx	multivendorx	The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to privilege escalation/de-escalation and account takeover due to an insufficient capab…	CWE-862 Missing Authorization	CVE-2024-8289	2024-09-6 02:41	2024-09-4	Show	GitHub Exploit DB Packet Storm

313874	6.1	MEDIUM Network	raspcontrol_project	raspcontrol	Cross Site Scripting (XSS) vulnerability through the action parameter in index.php. Affected product codebase https://github.com/Bioshox/Raspcontrol and forks such as https://github.com/harmon25/r…	CWE-79 Cross-site Scripting	CVE-2024-8413	2024-09-6 02:40	2024-09-4	Show	GitHub Exploit DB Packet Storm

313875	6.8	MEDIUM Adjacent	wayos	fbm-291w_firmware	WAYOS FBM-291W v19.09.11 is vulnerable to Command Execution via msp_info_htm.	CWE-77 Command Injection	CVE-2024-44383	2024-09-6 02:38	2024-09-4	Show	GitHub Exploit DB Packet Storm

313876	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix for possible memory corruption Init Control Block is dereferenced incorrectly. Correctly dereference ICB	CWE-787 Out-of-bounds Write	CVE-2024-42288	2024-09-6 02:38	2024-08-17	Show	GitHub Exploit DB Packet Storm

313877	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: During vport delete send async logout explicitly During vport delete, it is observed that during unload we hit a c…	CWE-476 NULL Pointer Dereference	CVE-2024-42289	2024-09-6 02:37	2024-08-17	Show	GitHub Exploit DB Packet Storm

313878	8.8	HIGH Network	fogproject	fogproject	FOG is a cloning/imaging/rescue suite/inventory management system. An improperly restricted file upload feature allows authenticated users to execute arbitrary code on the fogproject server. The Rebr…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2024-40645	2024-09-6 02:09	2024-08-1	Show	GitHub Exploit DB Packet Storm

313879	5.9	MEDIUM Network	fogproject	fogproject	FOG is a free open-source cloning/imaging/rescue suite/inventory management system. The hostinfo page has missing/improper access control since only the host's mac address is required to obtain the c…	CWE-862 Missing Authorization	CVE-2024-41108	2024-09-6 01:27	2024-08-1	Show	GitHub Exploit DB Packet Storm

313880	7.8	HIGH Local	fogproject	fogproject	FOG is a cloning/imaging/rescue suite/inventory management system. The application stores plaintext service account credentials in the "/opt/fog/.fogsettings" file. This file is by default readable b…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2024-41954	2024-09-6 01:18	2024-08-1	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed