Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252191	7.1	危険	シスコシステムズ	-	Cisco Unified Communications Manager におけるメモリリークの脆弱性	CWE-399 リソース管理の問題	CVE-2011-1604	2011-12-1 10:35	2011-04-27	Show	GitHub Exploit DB Packet Storm

252192	4.3	警告	John Godley	-	WordPress 用 Redirection プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4562	2011-11-30 16:50	2011-11-28	Show	GitHub Exploit DB Packet Storm

252193	4.3	警告	codefuture	-	CF Image Hosting Script におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4572	2011-11-30 16:38	2011-11-29	Show	GitHub Exploit DB Packet Storm

252194	7.5	危険	EA Improved	-	Estate Agent コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4571	2011-11-30 16:37	2011-11-29	Show	GitHub Exploit DB Packet Storm

252195	7.5	危険	Takeaweb	-	Time Returns コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4570	2011-11-30 16:37	2011-11-29	Show	GitHub Exploit DB Packet Storm

252196	7.5	危険	tommykent1210	-	MyBB Forum 用 Userbar プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4569	2011-11-30 16:36	2011-11-29	Show	GitHub Exploit DB Packet Storm

252197	4.3	警告	WordPress.org	-	WordPress 用 Flowplayer プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4568	2011-11-30 16:35	2011-11-29	Show	GitHub Exploit DB Packet Storm

252198	4.3	警告	Zen Cart	-	Zen Cart におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4567	2011-11-30 16:34	2011-11-29	Show	GitHub Exploit DB Packet Storm

252199	4.3	警告	Zen Cart	-	Zen Cart におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4547	2011-11-30 16:34	2011-11-29	Show	GitHub Exploit DB Packet Storm

252200	4.3	警告	Hastymail	-	Hastymail2 の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4541	2011-11-30 16:32	2011-11-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3441	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix stale direct dispatch state in ddsp_dsq_id @p->scx.ddsp_dsq_id can be left set (non-SCX_DSQ_INVALID) triggering a …	NVD-CWE-noinfo	CVE-2026-31733	2026-05-8 01:44	2026-05-2	Show	GitHub Exploit DB Packet Storm

3442	5.7	MEDIUM Network	hcltech	bigfix_service_management	HHCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability. This could lead to unauthorized changes or exposure of sensitive data.	CWE-352 Origin Validation Error	CVE-2025-31957	2026-05-8 01:35	2026-05-7	Show	GitHub Exploit DB Packet Storm

3443	3.5	LOW Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentio…	CWE-1230 Exposure of Sensitive Information Through Metadata	CVE-2025-31959	2026-05-8 01:35	2026-05-7	Show	GitHub Exploit DB Packet Storm

3444	5.3	MEDIUM Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially a…	CWE-200 Information Exposure	CVE-2025-31975	2026-05-8 01:33	2026-05-7	Show	GitHub Exploit DB Packet Storm

3445	7.5	HIGH Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to…	CWE-200 CWE-522 Information Exposure Insufficiently Protected Credentials	CVE-2025-31976	2026-05-8 01:30	2026-05-7	Show	GitHub Exploit DB Packet Storm

3446	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe ("usb: gadget: uvc: allow for application t…	CWE-476 NULL Pointer Dereference	CVE-2026-31726	2026-05-8 01:26	2026-05-2	Show	GitHub Exploit DB Packet Storm

3447	4.6	MEDIUM Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) does not adequately sanitize or safely render spreadsheet files (CSV, XLS, XLSX) before processing or distributing them. An attacker could populate data fields whic…	CWE-201 Insertion of Sensitive Information Into Sent Data	CVE-2025-31978	2026-05-8 01:26	2026-05-7	Show	GitHub Exploit DB Packet Storm

3448	5.4	MEDIUM Network	hcltech	bigfix_service_management	HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, p…	CWE-200 Information Exposure	CVE-2025-31984	2026-05-8 01:25	2026-05-7	Show	GitHub Exploit DB Packet Storm

3449	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_ether: Fix NULL pointer deref in eth_get_drvinfo Commit ec35c1969650 ("usb: gadget: f_ncm: Fix net_device lifecycl…	CWE-476 NULL Pointer Dereference	CVE-2026-31727	2026-05-8 01:20	2026-05-2	Show	GitHub Exploit DB Packet Storm

3450	6.8	MEDIUM Network	-	-	Admidio is an open-source user management solution. Prior to version 5.0.9, the incomplete SSRF fix in Admidio's fetch_metadata.php validates the resolved IP address but passes the original hostname-…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-42194	2026-05-8 01:16	2026-05-7	Show	GitHub Exploit DB Packet Storm