Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
236131 10 危険 lycos - Lycos FileUploader におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0443 2012-09-25 16:59 2008-01-24 Show GitHub Exploit DB Packet Storm
236132 2.1 注意 IBM - IBM TBSM における重要な情報を取得される脆弱性 CWE-DesignError
CVE-2008-0441 2012-09-25 16:59 2008-01-24 Show GitHub Exploit DB Packet Storm
236133 10 危険 ヒューレット・パッカード
マイクロソフト		 - HP Virtual Rooms のインストールプロセスにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-0437 2012-09-25 16:59 2008-01-23 Show GitHub Exploit DB Packet Storm
236134 4.3 警告 pd9 software - PD9 Software MegaBBS の profile-upload/upload.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0436 2012-09-25 16:59 2008-01-23 Show GitHub Exploit DB Packet Storm
236135 5 警告 ozjournals - OZJournals の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0435 2012-09-25 16:59 2008-01-23 Show GitHub Exploit DB Packet Storm
236136 5 警告 idmos - IDMOS の administrator/download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-0431 2012-09-25 16:59 2008-01-23 Show GitHub Exploit DB Packet Storm
236137 4.3 警告 pacercms - PacerCMS の submit.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0426 2012-09-25 16:59 2008-01-23 Show GitHub Exploit DB Packet Storm
236138 4.3 警告 novemberborn - Novemberborn sIFR のフォント再レンダリング機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-0438 2012-09-25 16:59 2007-07-4 Show GitHub Exploit DB Packet Storm
236139 7.5 危険 mooseguy blog system - MGBS の blog.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-0424 2012-09-25 16:59 2008-01-23 Show GitHub Exploit DB Packet Storm
236140 6.8 警告 lama - Lama Software における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-0423 2012-09-25 16:59 2008-01-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
91 7.1 HIGH
Network 		- - A Server-Side Request Forgery (SSRF) vulnerability exists in MLflow versions prior to 3.9.0. The `_create_webhook()` function in `mlflow/server/handlers.py` accepts a user-controlled `url` parameter … New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-2393 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm
92 - - - dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-co… New - CVE-2026-2291 2026-05-12 03:16 2026-05-12 Show GitHub Exploit DB Packet Storm
93 8.8 HIGH
Network 		- - Insufficient input validation of the `plugin` parameter of the `create_user` plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user. New CWE-94
Code Injection 		CVE-2026-29202 2026-05-12 03:16 2026-05-9 Show GitHub Exploit DB Packet Storm
94 5.3 MEDIUM
Network 		- - Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to … New CWE-757
Algorithm Downgrade 		CVE-2026-1677 2026-05-12 03:16 2026-05-11 Show GitHub Exploit DB Packet Storm
95 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: media: cx88: Add missing unmap in snd_cx88_hw_params() In error path, add cx88_alsa_dma_unmap() to release resource acquired by c… Update CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2026-43257 2026-05-12 03:16 2026-05-6 Show GitHub Exploit DB Packet Storm
96 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruptio… Update CWE-787
 Out-of-bounds Write 		CVE-2026-43258 2026-05-12 03:10 2026-05-6 Show GitHub Exploit DB Packet Storm
97 9.6 CRITICAL
Network 		argoproj argo_cd Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo… New CWE-200
CWE-212
Information Exposure
 Improper Removal of Sensitive Information Before Storage or Transfer 		CVE-2026-42880 2026-05-12 02:46 2026-05-8 Show GitHub Exploit DB Packet Storm
98 8.8 HIGH
Network 		gitpython_project gitpython GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by … New CWE-78
OS Command  		CVE-2026-42215 2026-05-12 02:45 2026-05-8 Show GitHub Exploit DB Packet Storm
99 7.8 HIGH
Local 		gitpython_project gitpython GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.set_value() passes values to Python's configparser without validating for newlines. GitP… New CWE-94
Code Injection 		CVE-2026-44244 2026-05-12 02:44 2026-05-8 Show GitHub Exploit DB Packet Storm
100 7.5 HIGH
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: fix null-ptr-deref in icmp_build_probe() ipv6_stub->ipv6_dev_find() may return ERR_PTR(-EAFNOSUPPORT) when the IPv6 s… Update CWE-476
 NULL Pointer Dereference 		CVE-2026-43099 2026-05-12 02:36 2026-05-6 Show GitHub Exploit DB Packet Storm