Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209141	4.3	警告	SEOgento	-	Magento 用 SEOgento プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3243	2015-05-22 13:49	2012-01-11	Show	GitHub Exploit DB Packet Storm

209142	6.8	警告	osCMax.com	-	osCMax の管理パネルにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-6691	2015-05-22 13:43	2012-04-1	Show	GitHub Exploit DB Packet Storm

209143	7.5	危険	osCMax.com	-	osCMax の管理パネルにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-1665	2015-05-22 13:43	2012-04-1	Show	GitHub Exploit DB Packet Storm

209144	4.3	警告	osCMax.com	-	osCMax の管理パネルにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1664	2015-05-22 13:43	2012-04-1	Show	GitHub Exploit DB Packet Storm

209145	5	警告	Google	-	Android 上で稼動する Google Chrome の android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java における URL バーを偽造される脆弱性	CWE-20 不適切な入力確認	CVE-2015-1261	2015-05-22 12:37	2015-05-19	Show	GitHub Exploit DB Packet Storm

209146	4.3	警告	FileMaker, Inc	-	FileMaker Pro におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-5322	2015-05-22 11:36	2014-09-18	Show	GitHub Exploit DB Packet Storm

209147	4.3	警告	FileMaker, Inc	-	FileMaker Pro におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-3640	2015-05-22 11:33	2013-05-31	Show	GitHub Exploit DB Packet Storm

209148	7.5	危険	Google	-	Google Chrome で使用される Google V8 におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2015-3910	2015-05-21 17:33	2015-05-19	Show	GitHub Exploit DB Packet Storm

209149	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2015-1265	2015-05-21 17:33	2015-05-19	Show	GitHub Exploit DB Packet Storm

209150	4.3	警告	Google	-	Google Chrome におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-1264	2015-05-21 17:33	2015-05-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
741	7.3	HIGH Network	-	-	A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of the argument email leads to sq… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-8098	2026-05-8 06:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

742	6.3	MEDIUM Network	-	-	A security flaw has been discovered in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /askquery.php. The manipulation of the argument squeryx results in sql injec… New	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-8097	2026-05-8 06:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

743	-		-	-	Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-34429. Reason: This candidate is a duplicate of CVE-2026-34429. Notes: All CVE users should reference CVE-2026-344… New	-	CVE-2026-44365	2026-05-8 06:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

744	7.8	HIGH Local	-	-	GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.set_value() passes values to Python's configparser without validating for newlines. GitP… New	CWE-94 Code Injection	CVE-2026-44244	2026-05-8 06:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

745	7.7	HIGH Network	-	-	FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, Helper::sanitizeRemoteUrl() in app/Misc/Helper.php follows HTTP redirects via curlGetLastR… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-41905	2026-05-8 06:16	2026-05-8	Show	GitHub Exploit DB Packet Storm

746	7.1	HIGH Local	gitpython_project	gitpython	GitPython is a python library used to interact with Git repositories. Prior to version 3.1.48, a vulnerability in GitPython allows attackers who can supply a crafted reference path to an application … New	CWE-22 Path Traversal	CVE-2026-44243	2026-05-8 06:12	2026-05-8	Show	GitHub Exploit DB Packet Storm

747	5.3	MEDIUM Network	-	-	ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an att… New	CWE-789 Memory Allocation with Excessive Size Value	CVE-2026-42241	2026-05-8 05:37	2026-05-8	Show	GitHub Exploit DB Packet Storm

748	-		-	-	PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport (sip_transport_tls) can accept connections with invalid o… New	CWE-295 Improper Certificate Validation	CVE-2026-42225	2026-05-8 05:36	2026-05-8	Show	GitHub Exploit DB Packet Storm

749	8.1	HIGH Network	-	-	Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.… New	CWE-1004 Sensitive Cookie Without 'HttpOnly' Flag	CVE-2026-42239	2026-05-8 05:35	2026-05-8	Show	GitHub Exploit DB Packet Storm

750	7.6	HIGH Network	-	-	manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. F… New	CWE-266 Incorrect Privilege Assignment	CVE-2026-43510	2026-05-8 05:32	2026-05-8	Show	GitHub Exploit DB Packet Storm