Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250271	7.5	危険	Miniwork	-	Joomla! 用 Canteen コンポーネントの menu.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4977	2011-12-9 14:39	2011-11-1	Show	GitHub Exploit DB Packet Storm

250272	4.3	警告	Nicholas Berry	-	CANDID の image/view.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4978	2011-12-9 14:39	2011-11-1	Show	GitHub Exploit DB Packet Storm

250273	7.5	危険	Nicholas Berry	-	CANDID の image/view.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4979	2011-12-9 14:38	2011-11-1	Show	GitHub Exploit DB Packet Storm

250274	7.5	危険	iScripts	-	iScripts ReserveLogic の packagedetails.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4980	2011-12-9 14:38	2011-11-1	Show	GitHub Exploit DB Packet Storm

250275	7.5	危険	YourFreeWorld.com	-	YourFreeWorld Banner Management における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4981	2011-12-9 14:37	2011-11-1	Show	GitHub Exploit DB Packet Storm

250276	7.5	危険	My Kazaam	-	My Kazaam Address & Contact Organizer における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4982	2011-12-9 14:36	2011-11-1	Show	GitHub Exploit DB Packet Storm

250277	7.5	危険	iScripts	-	iScripts CyberMatch における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4983	2011-12-9 14:36	2011-11-1	Show	GitHub Exploit DB Packet Storm

250278	7.5	危険	My Kazaam	-	My Kazaam Notes Management System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4984	2011-12-9 14:35	2011-11-1	Show	GitHub Exploit DB Packet Storm

250279	4.3	警告	My Kazaam	-	My Kazaam Notes Management System におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4985	2011-12-9 14:35	2011-11-1	Show	GitHub Exploit DB Packet Storm

250280	7.5	危険	Cafuego	-	Simple Document Management System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4986	2011-12-9 14:34	2011-11-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1731	-		-	-	Inconsistent Interpretation of HTTP Requests vulnerability in mtrudel bandit allows HTTP request smuggling via duplicate Content-Length headers. 'Elixir.Bandit.Headers':get_content_length/1 in lib/b…	CWE-444 HTTP Request Smuggling	CVE-2026-39805	2026-05-6 04:37	2026-05-2	Show	GitHub Exploit DB Packet Storm

1732	-		-	-	Reliance on Untrusted Inputs in a Security Decision vulnerability in mtrudel bandit allows unauthenticated transport-state spoofing on plaintext HTTP connections. 'Elixir.Bandit.Pipeline':determine_…	CWE-807 Reliance on Untrusted Inputs in a Security Decision	CVE-2026-39807	2026-05-6 04:37	2026-05-2	Show	GitHub Exploit DB Packet Storm

1733	-		-	-	Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion. The fragment reassembly path in 'Elixir.Ba…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-42786	2026-05-6 04:37	2026-05-2	Show	GitHub Exploit DB Packet Storm

1734	-		-	-	Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated memory exhaustion via oversized HTTP/2 frames. 'Elixir.Bandit.HTTP2.Frame':deserialize/2 i…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-42788	2026-05-6 04:37	2026-05-2	Show	GitHub Exploit DB Packet Storm

1735	-		-	-	3onedata modbus gateway device model GW1101-1D(RS-485)-TB-P (hardware version V2.2.0) allows authenticated users to execute arbitrary shell commands in the context of the root user by providing paylo…	CWE-78 OS Command	CVE-2025-13605	2026-05-6 04:35	2026-05-5	Show	GitHub Exploit DB Packet Storm

1736	9.1	CRITICAL Network	-	-	Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and…	CWE-125 Out-of-bounds Read	CVE-2026-7482	2026-05-6 04:35	2026-05-4	Show	GitHub Exploit DB Packet Storm

1737	9.8	CRITICAL Network	-	-	Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allo…	CWE-79 Cross-site Scripting	CVE-2025-14320	2026-05-6 04:34	2026-05-4	Show	GitHub Exploit DB Packet Storm

1738	7.2	HIGH Network	-	-	Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Information and Consulting Trade and Industry Limited Company SambaBox allows OS Command Injection. This issue aff…	CWE-94 Code Injection	CVE-2026-3120	2026-05-6 04:34	2026-05-4	Show	GitHub Exploit DB Packet Storm

1739	9.8	CRITICAL Network	-	-	D-Link DIR-456U Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks…	CWE-798 Use of Hard-coded Credentials	CVE-2026-42376	2026-05-6 04:32	2026-05-5	Show	GitHub Exploit DB Packet Storm

1740	9.9	CRITICAL Network	-	-	Apache Polaris can issue broad temporary ("vended") storage credentials during staged table creation before the effective table location has been validated or durably reserved. Those temporary crede…	CWE-20 CWE-862 Improper Input Validation Missing Authorization	CVE-2026-42809	2026-05-6 04:32	2026-05-5	Show	GitHub Exploit DB Packet Storm