Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1121 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2025-39939 2026-01-29 16:00 2025-10-4 Show GitHub Exploit DB Packet Storm
1122 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2025-39942 2026-01-29 16:00 2025-10-4 Show GitHub Exploit DB Packet Storm
1123 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2025-39943 2026-01-29 16:00 2025-10-4 Show GitHub Exploit DB Packet Storm
1124 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2025-39944 2026-01-29 16:00 2025-10-4 Show GitHub Exploit DB Packet Storm
1125 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2025-39946 2026-01-29 16:00 2025-10-4 Show GitHub Exploit DB Packet Storm
1126 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2025-39947 2026-01-29 16:00 2025-10-4 Show GitHub Exploit DB Packet Storm
1127 5.5 警告
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 CWE-401
有効期限後のメモリの解放の欠如 		CVE-2025-39948 2026-01-29 16:00 2025-10-4 Show GitHub Exploit DB Packet Storm
1128 5.5 警告
Local 		- アップルのmacOSにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2025-43508 2026-01-29 16:00 2026-01-16 Show GitHub Exploit DB Packet Storm
1129 6.7 警告
Local 		クアルコム fastconnect 6700 ファームウェア
wcn6755 ファームウェア
SM8735 ファームウェア
QCS6490 ファームウェア
WCD9380 ファームウェア
video collaboration vc3 platform ファームウェア
wc… 		クアルコムのfastconnect 6700 ファームウェア等の複数製品における古典的バッファオーバーフローの脆弱性 CWE-120
古典的バッファオーバーフロー 		CVE-2025-47335 2026-01-29 16:00 2026-01-7 Show GitHub Exploit DB Packet Storm
1130 6.7 警告
Local 		クアルコム sm8750 ファームウェア
WCN7750 ファームウェア
wsa8845h ファームウェア
wcn7880 ファームウェア
wcn7861 ファームウェア
SM8735 ファームウェア
wcd9378 ファームウェア
wcd9395 ファームウェア
wcn7881&… 		クアルコムのfastconnect 7800 ファームウェア等の複数製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2025-47336 2026-01-29 16:00 2026-01-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283761 - xeroxer simple_one-file_gallery Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to inject arbitrary web script or HTML via the f parameter. NVD-CWE-Other
CVE-2007-1125 2018-10-17 01:36 2007-02-27 Show GitHub Exploit DB Packet Storm
283762 - watersweb_shops shop_kit_plus Directory traversal vulnerability in enc/stylecss.php in shopkitplus allows remote attackers to read arbitrary files via a .. (dot dot) in the changetheme parameter. NVD-CWE-Other
CVE-2007-1127 2018-10-17 01:36 2007-02-27 Show GitHub Exploit DB Packet Storm
283763 - watersweb_shops shop_kit_plus shopkitplus allows remote attackers to obtain sensitive information via a request to (1) events.php with a curmonth[]=01 query string or (2) enc/stylecss.php with a changetheme[]= query string, which… NVD-CWE-Other
CVE-2007-1128 2018-10-17 01:36 2007-02-27 Show GitHub Exploit DB Packet Storm
283764 - mtcms mtcms Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action. NVD-CWE-Other
CVE-2007-1129 2018-10-17 01:36 2007-02-27 Show GitHub Exploit DB Packet Storm
283765 - mtcms mtcms Per: http://cwe.mitre.org/data/definitions/434.html 'CWE-434: Unrestricted Upload of File with Dangerous Type' NVD-CWE-Other
CVE-2007-1129 2018-10-17 01:36 2007-02-27 Show GitHub Exploit DB Packet Storm
283766 - mtcms mtcms Multiple cross-site scripting (XSS) vulnerabilities in the "Contact Us" functionality in MTCMS 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) message and (2) title fiel… CWE-79
Cross-site Scripting 		CVE-2007-1132 2018-10-17 01:36 2007-02-27 Show GitHub Exploit DB Packet Storm
283767 - cromosoft simple_plantilla_php Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute p… CWE-22
Path Traversal 		CVE-2007-1138 2018-10-17 01:36 2007-03-3 Show GitHub Exploit DB Packet Storm
283768 - cromosoft simple_plantilla_php Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to upload arbitrary scripts via a filename with a double extension. CWE-94
Code Injection 		CVE-2007-1139 2018-10-17 01:36 2007-03-3 Show GitHub Exploit DB Packet Storm
283769 - barekoncept pheap Directory traversal vulnerability in edit.php in pheap allows remote attackers to read and modify arbitrary files via a .. (dot dot) in the filename parameter. CWE-22
Path Traversal 		CVE-2007-1140 2018-10-17 01:36 2007-03-3 Show GitHub Exploit DB Packet Storm
283770 - reamday_enterprises magic_news_plus PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the php_script_path parameter. NOTE: This issue may… CWE-94
Code Injection 		CVE-2007-1141 2018-10-17 01:36 2007-03-3 Show GitHub Exploit DB Packet Storm