Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
207591	4.3	警告	Splunk	-	Splunk Enterprise および Splunk Light の Dashboard におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-6514	2015-08-24 14:40	2015-07-7	Show	GitHub Exploit DB Packet Storm

207592	7.5	危険	J2Store	-	Joomla! 用 J2Store エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2015-6513	2015-08-24 14:10	2015-07-7	Show	GitHub Exploit DB Packet Storm

207593	5	警告	Codologic.com	-	FreiChat の server/plugins/chatroom/chatroom.php の get_messages 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2015-6512	2015-08-24 14:03	2015-07-13	Show	GitHub Exploit DB Packet Storm

207594	7.5	危険	Powerplay Gallery project	-	WordPress 用 Powerplay Gallery プラグインの upload.php における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2015-5681	2015-08-24 13:55	2015-06-27	Show	GitHub Exploit DB Packet Storm

207595	7.5	危険	Powerplay Gallery project	-	WordPress 用 Powerplay Gallery プラグインの upload.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2015-5599	2015-08-24 13:55	2015-06-27	Show	GitHub Exploit DB Packet Storm

207596	4.3	警告	Modern Tribe Inc.	-	WordPress 用 Modern Tribe Eventbrite Tickets プラグインの Event Import ページにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-5485	2015-08-24 13:55	2015-07-9	Show	GitHub Exploit DB Packet Storm

207597	10	危険	Dedicated Micros	-	Dedicated Micros のデジタルビデオレコーダが、平文で通信し、パスワード認証をしていない問題	CWE-Other その他	CVE-2015-2909	2015-08-24 13:53	2015-08-20	Show	GitHub Exploit DB Packet Storm

207598	4.3	警告	Electric Sheep Fencing	-	pfSense におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-6511	2015-08-24 11:40	2015-06-16	Show	GitHub Exploit DB Packet Storm

207599	4.3	警告	Electric Sheep Fencing	-	pfSense におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-6510	2015-08-24 11:40	2015-06-16	Show	GitHub Exploit DB Packet Storm

207600	4.3	警告	Electric Sheep Fencing	-	pfSense におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-6509	2015-08-24 11:40	2015-06-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1121	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: thermal: core: Address thermal zone removal races with resume Since thermal_zone_pm_complete() and thermal_zone_device_resume() r…	CWE-416 Use After Free	CVE-2026-31731	2026-05-8 22:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

1122	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: possible double-free of cctx->remote_heap fastrpc_init_create_static_process() may free cctx->remote_heap on the e…	CWE-415 Double Free	CVE-2026-31730	2026-05-8 22:16	2026-05-2	Show	GitHub Exploit DB Packet Storm

1123	-		-	-	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	-	CVE-2026-2710	2026-05-8 08:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

1124	-		-	-	Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-34429. Reason: This candidate is a duplicate of CVE-2026-34429. Notes: All CVE users should reference CVE-2026-344…	-	CVE-2026-44365	2026-05-8 06:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

1125	7.7	HIGH Network	-	-	FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, Helper::sanitizeRemoteUrl() in app/Misc/Helper.php follows HTTP redirects via curlGetLastR…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-41905	2026-05-8 06:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

1126	7.1	HIGH Local	gitpython_project	gitpython	GitPython is a python library used to interact with Git repositories. Prior to version 3.1.48, a vulnerability in GitPython allows attackers who can supply a crafted reference path to an application …	CWE-22 Path Traversal	CVE-2026-44243	2026-05-8 06:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

1127	5.3	MEDIUM Network	-	-	ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an att…	CWE-789 Memory Allocation with Excessive Size Value	CVE-2026-42241	2026-05-8 05:37	2026-05-8	Show	GitHub Exploit DB Packet Storm

1128	-		-	-	PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport (sip_transport_tls) can accept connections with invalid o…	CWE-295 Improper Certificate Validation	CVE-2026-42225	2026-05-8 05:36	2026-05-8	Show	GitHub Exploit DB Packet Storm

1129	8.1	HIGH Network	-	-	Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.…	CWE-1004 Sensitive Cookie Without 'HttpOnly' Flag	CVE-2026-42239	2026-05-8 05:35	2026-05-8	Show	GitHub Exploit DB Packet Storm

1130	7.6	HIGH Network	-	-	manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. F…	CWE-266 Incorrect Privilege Assignment	CVE-2026-43510	2026-05-8 05:32	2026-05-8	Show	GitHub Exploit DB Packet Storm