Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. W3002R Firmware
A302 Firmware
W309R Firmware 		Shenzhen Tenda Technology Co.,Ltd.のA302 Firmware等の複数製品におけるスプーフィングによる認証回避に関する脆弱性 New CWE-290
スプーフィングによる認証回避 		CVE-2018-25317 2026-05-7 11:31 2026-04-29 Show GitHub Exploit DB Packet Storm
252 9.8 緊急
Network 		Shenzhen Tenda Technology Co.,Ltd. FH303 Firmware
A300 Firmware 		Shenzhen Tenda Technology Co.,Ltd.のA300 Firmware等の複数製品におけるスプーフィングによる認証回避に関する脆弱性 New CWE-290
スプーフィングによる認証回避 		CVE-2018-25318 2026-05-7 11:31 2026-04-29 Show GitHub Exploit DB Packet Storm
253 9.8 緊急
Network 		DeanWu (pylixm) Django-mdeditor DeanWu (pylixm)のDjango-mdeditorにおける重要な機能に対する認証の欠如に関する脆弱性 New CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2025-13030 2026-05-7 11:31 2026-04-30 Show GitHub Exploit DB Packet Storm
254 7.8 重要
Local 		The Qt Company qtdeclarative The Qt Companyのqtdeclarativeにおける複数の脆弱性 New CWE-20
CWE-94
CWE-94
CVE-2025-14576 2026-05-7 11:30 2026-04-30 Show GitHub Exploit DB Packet Storm
255 6.4 警告
Local 		レッドハット OpenShift Update Service (OSUS) レッドハットのOpenShift Update Service (OSUS)における不適切なデフォルトパーミッションに関する脆弱性 New CWE-276
不適切なデフォルトパーミッション 		CVE-2025-57854 2026-05-7 11:30 2026-04-8 Show GitHub Exploit DB Packet Storm
256 5.4 警告
Network 		Wolters Kluwer Financial Services, Inc. LEX Baza Dokumentow Wolters Kluwer Financial Services, Inc.のLEX Baza Dokumentowにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-1493 2026-05-7 11:30 2026-04-30 Show GitHub Exploit DB Packet Storm
257 5.7 警告
Adjacent 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における入力確認に関する脆弱性 New CWE-20
CWE-noinfo
CVE-2026-20020 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
258 6.1 警告
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品におけるクロスサイトスクリプティングの脆弱性 New CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-20070 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
259 5.8 警告
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品におけるアクセス制御に関する脆弱性 New CWE-284
CWE-noinfo
CVE-2026-20073 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
260 7.7 重要
Network 		シスコシステムズ Firepower Threat Defense (FTD)
Adaptive Security Appliance (ASA) Software 		シスコシステムズのAdaptive Security Appliance (ASA) Software等の複数製品における古典的バッファオーバーフローの脆弱性 New CWE-120
古典的バッファオーバーフロー 		CVE-2026-20100 2026-05-7 11:30 2026-03-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312921 5.4 MEDIUM
Network 		mayurik advocate_office_management_system A vulnerability, which was classified as problematic, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected by this issue is some unknown functionality of the f… CWE-79
Cross-site Scripting 		CVE-2024-7685 2024-08-20 22:53 2024-08-12 Show GitHub Exploit DB Packet Storm
312922 5.4 MEDIUM
Network 		mayurik advocate_office_management_system A vulnerability classified as problematic was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected by this vulnerability is an unknown functionality of the file add_act… CWE-79
Cross-site Scripting 		CVE-2024-7684 2024-08-20 22:53 2024-08-12 Show GitHub Exploit DB Packet Storm
312923 5.4 MEDIUM
Network 		mayurik advocate_office_management_system A vulnerability classified as problematic has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected is an unknown function of the file addcase_stage.php. The manipu… CWE-79
Cross-site Scripting 		CVE-2024-7683 2024-08-20 22:52 2024-08-12 Show GitHub Exploit DB Packet Storm
312924 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets … CWE-476
 NULL Pointer Dereference 		CVE-2023-52889 2024-08-20 06:19 2024-08-17 Show GitHub Exploit DB Packet Storm
312925 9.8 CRITICAL
Network 		angeljudesuarez billing_system A vulnerability classified as critical has been found in itsourcecode Billing System 1.0. This affects an unknown part of the file addbill.php. The manipulation of the argument owners_id leads to sql… CWE-89
SQL Injection 		CVE-2024-7839 2024-08-20 06:18 2024-08-16 Show GitHub Exploit DB Packet Storm
312926 5.4 MEDIUM
Network 		jetbrains teamcity In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin CWE-79
Cross-site Scripting 		CVE-2024-43810 2024-08-20 06:11 2024-08-17 Show GitHub Exploit DB Packet Storm
312927 6.1 MEDIUM
Network 		jetbrains teamcity In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page CWE-79
Cross-site Scripting 		CVE-2024-43809 2024-08-20 06:11 2024-08-17 Show GitHub Exploit DB Packet Storm
312928 5.4 MEDIUM
Network 		jetbrains teamcity In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin CWE-79
Cross-site Scripting 		CVE-2024-43808 2024-08-20 06:10 2024-08-17 Show GitHub Exploit DB Packet Storm
312929 5.4 MEDIUM
Network 		jetbrains teamcity In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page CWE-79
Cross-site Scripting 		CVE-2024-43807 2024-08-20 06:09 2024-08-17 Show GitHub Exploit DB Packet Storm
312930 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). ip6table_nat_table_init() accesses net->gen->ptr[… CWE-476
 NULL Pointer Dereference 		CVE-2024-42269 2024-08-20 05:53 2024-08-17 Show GitHub Exploit DB Packet Storm