Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1651 9.8 緊急
Network 		10-Strike Software network inventory explorer 10-Strike Softwareのnetwork inventory explorerにおける境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-47772 2026-01-26 19:42 2026-01-15 Show GitHub Exploit DB Packet Storm
1652 5.3 警告
Network 		Umbraco Umbraco CMS UmbracoのUmbraco CMSにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2021-47776 2026-01-26 19:42 2026-01-15 Show GitHub Exploit DB Packet Storm
1653 4.3 警告
Network 		- AvertaのWordPress用Popup and Slider Builder by Depicter - Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carouselにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2022-47176 2026-01-26 19:42 2024-12-13 Show GitHub Exploit DB Packet Storm
1654 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2022-49852 2026-01-26 19:42 2025-05-1 Show GitHub Exploit DB Packet Storm
1655 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおけるリソースの初期化の不備に関する脆弱性 CWE-909
リソースの初期化の不備 		CVE-2022-49865 2026-01-26 19:42 2025-05-1 Show GitHub Exploit DB Packet Storm
1656 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2022-49970 2026-01-26 19:42 2025-06-18 Show GitHub Exploit DB Packet Storm
1657 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおけるリソースの初期化の不備に関する脆弱性 CWE-909
リソースの初期化の不備 		CVE-2022-50169 2026-01-26 19:42 2025-06-18 Show GitHub Exploit DB Packet Storm
1658 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける有効なライフタイム後のリソースの解放の欠如に関する脆弱性 CWE-772
有効なライフタイム後のリソースの解放の欠如 		CVE-2022-50189 2026-01-26 19:42 2025-06-18 Show GitHub Exploit DB Packet Storm
1659 7.1 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2022-50270 2026-01-26 19:42 2025-09-15 Show GitHub Exploit DB Packet Storm
1660 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける二重解放に関する脆弱性 CWE-415
二重解放 		CVE-2022-50470 2026-01-26 19:42 2025-10-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283831 - watersweb_shops shop_kit_plus shopkitplus allows remote attackers to obtain sensitive information via a request to (1) events.php with a curmonth[]=01 query string or (2) enc/stylecss.php with a changetheme[]= query string, which… NVD-CWE-Other
CVE-2007-1128 2018-10-17 01:36 2007-02-27 Show GitHub Exploit DB Packet Storm
283832 - mtcms mtcms Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action. NVD-CWE-Other
CVE-2007-1129 2018-10-17 01:36 2007-02-27 Show GitHub Exploit DB Packet Storm
283833 - mtcms mtcms Per: http://cwe.mitre.org/data/definitions/434.html 'CWE-434: Unrestricted Upload of File with Dangerous Type' NVD-CWE-Other
CVE-2007-1129 2018-10-17 01:36 2007-02-27 Show GitHub Exploit DB Packet Storm
283834 - mtcms mtcms Multiple cross-site scripting (XSS) vulnerabilities in the "Contact Us" functionality in MTCMS 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) message and (2) title fiel… CWE-79
Cross-site Scripting 		CVE-2007-1132 2018-10-17 01:36 2007-02-27 Show GitHub Exploit DB Packet Storm
283835 - cromosoft simple_plantilla_php Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute p… CWE-22
Path Traversal 		CVE-2007-1138 2018-10-17 01:36 2007-03-3 Show GitHub Exploit DB Packet Storm
283836 - cromosoft simple_plantilla_php Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to upload arbitrary scripts via a filename with a double extension. CWE-94
Code Injection 		CVE-2007-1139 2018-10-17 01:36 2007-03-3 Show GitHub Exploit DB Packet Storm
283837 - barekoncept pheap Directory traversal vulnerability in edit.php in pheap allows remote attackers to read and modify arbitrary files via a .. (dot dot) in the filename parameter. CWE-22
Path Traversal 		CVE-2007-1140 2018-10-17 01:36 2007-03-3 Show GitHub Exploit DB Packet Storm
283838 - reamday_enterprises magic_news_plus PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the php_script_path parameter. NOTE: This issue may… CWE-94
Code Injection 		CVE-2007-1141 2018-10-17 01:36 2007-03-3 Show GitHub Exploit DB Packet Storm
283839 - reamday_enterprises magic_news_plus Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the link_parameters parameter in (1) news.php and (2) n_layouts.ph… CWE-79
Cross-site Scripting 		CVE-2007-1142 2018-10-17 01:36 2007-03-3 Show GitHub Exploit DB Packet Storm
283840 - jeunes-webmasters j-web_pics_navigator Directory traversal vulnerability in pn-menu.php in J-Web Pics Navigator 1.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter. CWE-22
Path Traversal 		CVE-2007-1143 2018-10-17 01:36 2007-03-3 Show GitHub Exploit DB Packet Storm