Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
237511	7.5	危険	igeneric	-	iGeneric の iG Calendar の user.php における SQL インジェクションの脆弱性	-	CVE-2007-0130	2012-09-25 15:36	2007-01-9	Show	GitHub Exploit DB Packet Storm

237512	6.8	警告	mkportal	-	MKPortal の admin.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0191	2012-09-25 15:36	2007-01-12	Show	GitHub Exploit DB Packet Storm

237513	7.5	危険	PHP Web Scripts	-	Easy Banner Pro の info.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0178	2012-09-25 15:36	2007-01-10	Show	GitHub Exploit DB Packet Storm

237514	5.1	警告	MediaWiki	-	MediaWiki の AJAX モジュールにおけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0177	2012-09-25 15:36	2007-01-10	Show	GitHub Exploit DB Packet Storm

237515	6.8	警告	l2j	-	L2J Statistik Script の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-0173	2012-09-25 15:36	2007-01-10	Show	GitHub Exploit DB Packet Storm

237516	7.5	危険	locazo	-	LocazoList の main.asp における SQL インジェクションの脆弱性	-	CVE-2007-0129	2012-09-25 15:36	2007-01-9	Show	GitHub Exploit DB Packet Storm

237517	9.3	危険	Opera Software ASA	-	Opera の Javascript SVG サポートにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2007-0127	2012-09-25 15:36	2007-01-8	Show	GitHub Exploit DB Packet Storm

237518	9.3	危険	Opera Software ASA	-	Opera におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-0126	2012-09-25 15:36	2007-01-8	Show	GitHub Exploit DB Packet Storm

237519	5	警告	カスペルスキー	-	Kaspersky Lab Antivurus Engine におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0125	2012-09-25 15:36	2007-01-8	Show	GitHub Exploit DB Packet Storm

237520	6.8	警告	michael romedahl	-	RI Blog の search.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0121	2012-09-25 15:36	2007-01-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
941	6.1	MEDIUM Local	-	-	CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside _load_pnm() that can bypass the memory all… Update	CWE-190 Integer Overflow or Wraparound	CVE-2026-42144	2026-05-8 00:43	2026-05-5	Show	GitHub Exploit DB Packet Storm

942	-		-	-	In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS (Regular Expression Denial of Service) vulnerability in `LINK_TITLE_RE` that allows an attacker who can supply Markdown for parsing to c… New	CWE-1333 Inefficient Regular Expression Complexity	CVE-2026-33079	2026-05-8 00:43	2026-05-7	Show	GitHub Exploit DB Packet Storm

943	8.8	HIGH Network	-	-	YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php at line 704. The $data['id_fiche'… New	CWE-89 SQL Injection	CVE-2026-41143	2026-05-8 00:43	2026-05-7	Show	GitHub Exploit DB Packet Storm

944	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: gpio: Fix resource leaks on errors in gpiochip_add_data_with_key() Since commit aab5c6f20023 ("gpio: set device type for GPIO chi… Update	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-31732	2026-05-8 00:36	2026-05-2	Show	GitHub Exploit DB Packet Storm

945	5.4	MEDIUM Network	google	chrome	Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) New	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-8015	2026-05-8 00:30	2026-05-7	Show	GitHub Exploit DB Packet Storm

946	8.8	HIGH Network	google	chrome	Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) New	CWE-416 Use After Free	CVE-2026-8016	2026-05-8 00:29	2026-05-7	Show	GitHub Exploit DB Packet Storm

947	3.1	LOW Network	google	chrome	Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) New	CWE-1300 Improper Protection of Physical Side Channels	CVE-2026-8017	2026-05-8 00:29	2026-05-7	Show	GitHub Exploit DB Packet Storm

948	5.4	MEDIUM Network	google	chrome	Insufficient policy enforcement in WebApp in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) New	CWE-451 User Interface (UI) Misrepresentation of Critical Information	CVE-2026-8019	2026-05-8 00:26	2026-05-7	Show	GitHub Exploit DB Packet Storm

949	5.3	MEDIUM Network	google	chrome	Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process… New	CWE-457 Use of Uninitialized Variable	CVE-2026-8020	2026-05-8 00:21	2026-05-7	Show	GitHub Exploit DB Packet Storm

950	5.0	MEDIUM Network	google	chrome	Inappropriate implementation in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML pa… New	CWE-693 Protection Mechanism Failure	CVE-2026-8009	2026-05-8 00:20	2026-05-7	Show	GitHub Exploit DB Packet Storm