Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254061	10	危険	VMware	-	複数の VMware 製品のデフォルト設定における脆弱性	CWE-16 環境設定	CVE-2008-1392	2010-09-13 15:57	2008-03-20	Show	GitHub Exploit DB Packet Storm

254062	10	危険	VMware	-	複数の VMware 製品の ActiveX コントロールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-3892	2010-09-13 15:57	2008-09-3	Show	GitHub Exploit DB Packet Storm

254063	7.2	危険	VMware	-	複数の VMware 製品の VIX API におけるバッファオーバーフローの脆弱性	CWE-119 CWE-noinfo	CVE-2008-2100	2010-09-13 15:56	2008-06-4	Show	GitHub Exploit DB Packet Storm

254064	7.8	危険	VMware	-	複数の VMware 製品の DHCP サービスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 CWE-noinfo	CVE-2008-1364	2010-09-13 15:56	2008-03-17	Show	GitHub Exploit DB Packet Storm

254065	6.8	警告	VMware	-	複数の VMware 製品における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-1363	2010-09-13 15:56	2008-03-17	Show	GitHub Exploit DB Packet Storm

254066	7.2	危険	VMware	-	複数の VMware 製品における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-1362	2010-09-13 15:55	2008-03-17	Show	GitHub Exploit DB Packet Storm

254067	6.8	警告	VMware	-	複数の VMware 製品における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-1361	2010-09-13 15:55	2008-03-17	Show	GitHub Exploit DB Packet Storm

254068	7.1	危険	VMware	-	複数の VMware 製品の Virtual Machine Communication Interface (VMCI) におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-1340	2010-09-13 15:55	2008-03-17	Show	GitHub Exploit DB Packet Storm

254069	6.9	警告	VMware	-	複数の VMware 製品におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0923	2010-09-13 15:54	2008-02-26	Show	GitHub Exploit DB Packet Storm

254070	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の DIRAPI.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-2882	2010-09-13 15:46	2010-08-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2821	9.8	CRITICAL Network	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: smb: server: let send_done handle a completion without IB_SEND_SIGNALED With smbdirect_send_batch processing we likely have reque…	NVD-CWE-noinfo	CVE-2026-31536	2026-04-29 04:10	2026-04-25	Show	GitHub Exploit DB Packet Storm

2822	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirect_socket.send_io.bcredits It turns out that our code will corrupt the stream of reassabled data …	NVD-CWE-noinfo	CVE-2026-31537	2026-04-29 04:09	2026-04-25	Show	GitHub Exploit DB Packet Storm

2823	5.4	MEDIUM Network	pretalx	pretalx	pretalx is a conference planning tool. Prior to 2026.1.0, The organiser search in the pretalx backend rendered submission titles, speaker display names, and user names/emails into the result dropdown…	CWE-79 Cross-site Scripting	CVE-2026-41241	2026-04-29 04:07	2026-04-24	Show	GitHub Exploit DB Packet Storm

2824	8.1	HIGH Network	senselive	x3500_firmware	A vulnerability exists in SenseLive X3050’s web management interface in which password updates are not reliably applied due to improper handling of credential changes on the backend. After the device…	CWE-522 Insufficiently Protected Credentials	CVE-2026-39462	2026-04-29 04:04	2026-04-24	Show	GitHub Exploit DB Packet Storm

2825	8.1	HIGH Network	projectcontour	contour	Contour is a Kubernetes ingress controller using Envoy proxy. From v1.19.0 to before v1.33.4, v1.32.5, and v1.31.6, Contour's Cookie Rewriting feature is vulnerable to Lua code injection. An attacker…	CWE-94 Code Injection	CVE-2026-41246	2026-04-29 04:04	2026-04-24	Show	GitHub Exploit DB Packet Storm

2826	8.1	HIGH Network	senselive	x3500_firmware	A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inad…	CWE-862 Missing Authorization	CVE-2026-40623	2026-04-29 04:02	2026-04-24	Show	GitHub Exploit DB Packet Storm

2827	9.8	CRITICAL Network	senselive	x3500_firmware	A vulnerability in SenseLive X3050’s web management interface allows unauthorized access to certain configuration endpoints due to improper access control enforcement. An attacker with network acc…	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-40630	2026-04-29 04:01	2026-04-24	Show	GitHub Exploit DB Packet Storm

2828	9.8	CRITICAL Network	huggingface	lerobot	LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads() is used to deserialize data received over unauthenticated gRPC channels wit…	CWE-502 Deserialization of Untrusted Data	CVE-2026-25874	2026-04-29 04:01	2026-04-24	Show	GitHub Exploit DB Packet Storm

2829	7.5	HIGH Network	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirect_socket.recv_io.credits.available The logic off managing recv credits by counting posted recv_i…	NVD-CWE-Other	CVE-2026-31538	2026-04-29 03:59	2026-04-25	Show	GitHub Exploit DB Packet Storm

2830	9.8	CRITICAL Network	std42	elfinder	elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.67, elFinder contains a command injection vulnerability in the resize command. The bg (background …	CWE-78 OS Command	CVE-2026-41247	2026-04-29 03:57	2026-04-24	Show	GitHub Exploit DB Packet Storm