Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1651 9.8 緊急
Network 		10-Strike Software network inventory explorer 10-Strike Softwareのnetwork inventory explorerにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-47772 2026-01-26 19:42 2026-01-15 Show GitHub Exploit DB Packet Storm
1652 5.3 警告
Network 		Umbraco Umbraco CMS UmbracoのUmbraco CMSにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2021-47776 2026-01-26 19:42 2026-01-15 Show GitHub Exploit DB Packet Storm
1653 4.3 警告
Network 		- AvertaのWordPress用Popup and Slider Builder by Depicter - Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carouselにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2022-47176 2026-01-26 19:42 2024-12-13 Show GitHub Exploit DB Packet Storm
1654 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2022-49852 2026-01-26 19:42 2025-05-1 Show GitHub Exploit DB Packet Storm
1655 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおけるリソースの初期化の不備に関する脆弱性 CWE-909
リソースの初期化の不備 		CVE-2022-49865 2026-01-26 19:42 2025-05-1 Show GitHub Exploit DB Packet Storm
1656 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2022-49970 2026-01-26 19:42 2025-06-18 Show GitHub Exploit DB Packet Storm
1657 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおけるリソースの初期化の不備に関する脆弱性 CWE-909
リソースの初期化の不備 		CVE-2022-50169 2026-01-26 19:42 2025-06-18 Show GitHub Exploit DB Packet Storm
1658 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効なライフタイム後のリソースの解放の欠如に関する脆弱性 CWE-772
有効なライフタイム後のリソースの解放の欠如 		CVE-2022-50189 2026-01-26 19:42 2025-06-18 Show GitHub Exploit DB Packet Storm
1659 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2022-50270 2026-01-26 19:42 2025-09-15 Show GitHub Exploit DB Packet Storm
1660 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける二重解放に関する脆弱性 CWE-415
二重解放 		CVE-2022-50470 2026-01-26 19:42 2025-10-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283071 - forsnet web_icerik_yonetim_sistemi Cross-site scripting (XSS) vulnerability in index.php in Web Icerik Yonetim Sistemi (WIYS) 1.0 allows remote attackers to inject arbitrary web script or HTML via the No parameter in the Sayfa page. NVD-CWE-Other
CVE-2007-2887 2018-10-17 01:46 2007-05-30 Show GitHub Exploit DB Packet Storm
283072 - 2z_project 2z_project SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php. CWE-89
SQL Injection 		CVE-2007-2898 2018-10-17 01:46 2007-05-30 Show GitHub Exploit DB Packet Storm
283073 - 2z_project 2z_project SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 allows remote attackers to execute arbitrary SQL commands via the post_id parameter. NOTE: the provenance of this information i… NVD-CWE-Other
CVE-2007-2905 2018-10-17 01:46 2007-05-30 Show GitHub Exploit DB Packet Storm
283074 - jelsoft vbulletin Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin before 3.6.6 allows remote attackers to inject arbitrary web script or HTML via the title field in a single add action. NVD-CWE-Other
CVE-2007-2908 2018-10-17 01:46 2007-05-30 Show GitHub Exploit DB Packet Storm
283075 - clonuswiki clonuswiki Cross-site scripting (XSS) vulnerability in index.php in ClonusWiki .5 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NVD-CWE-Other
CVE-2007-2913 2018-10-17 01:46 2007-05-30 Show GitHub Exploit DB Packet Storm
283076 - psychostats psychostats Multiple cross-site scripting (XSS) vulnerabilities in PsychoStats 3.0.6b allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) awards.php, (2) login.php, (3) registe… CWE-79
Cross-site Scripting 		CVE-2007-2914 2018-10-17 01:46 2007-05-30 Show GitHub Exploit DB Packet Storm
283077 - rm_easymail rm_easymail_plus Cross-site scripting (XSS) vulnerability in RM EasyMail Plus allows remote attackers to inject arbitrary web script or HTML via the title field in an email. NVD-CWE-Other
CVE-2007-2915 2018-10-17 01:46 2007-05-30 Show GitHub Exploit DB Packet Storm
283078 - gmtt music_distro Cross-site scripting (XSS) vulnerability in showown.php in GMTT Music Distro 1.2 allows remote attackers to inject arbitrary web script or HTML via the st parameter. NVD-CWE-Other
CVE-2007-2916 2018-10-17 01:46 2007-05-30 Show GitHub Exploit DB Packet Storm
283079 - isc bind The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when ans… NVD-CWE-Other
CVE-2007-2930 2018-10-17 01:46 2007-09-12 Show GitHub Exploit DB Packet Storm
283080 - wabcms wabcms WabCMS 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/wabcmsn.mdb. NOTE: this … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-2944 2018-10-17 01:46 2007-05-31 Show GitHub Exploit DB Packet Storm