Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
242901 4.3 警告 ビジネスオブジェクツ - BusinessObjects InfoView の desktoplaunch/InfoView/logon/logon.object におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1894 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
242902 4.3 警告 blogator-script - Blogator-script の bs_auth.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1892 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
242903 7.5 危険 azrul
Joomla!		 - Joomla! 用のJom Comment コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1890 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
242904 7.5 危険 cdnetworks - CDNetworks Nefficient Download の NeffyLauncher ActiveX コントロールにおける保護メカニズムを回避される脆弱性 CWE-310
暗号の問題 		CVE-2008-1886 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
242905 6.8 警告 cdnetworks - CDNetworks Nefficient Download の NeffyLauncher ActiveX コントロールにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1885 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
242906 6.8 警告 Blackboard, Inc. - Blackboard Academic Suite のサーバにおけるアカウントにアクセスされる脆弱性 CWE-287
不適切な認証 		CVE-2008-1883 2012-06-26 16:02 2008-04-18 Show GitHub Exploit DB Packet Storm
242907 5 警告 Firebird Project
Gentoo Linux		 - Gentoo Linux 上の Firebird のデフォルト設定における重要なデータベース情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2008-1880 2012-06-26 16:02 2008-05-12 Show GitHub Exploit DB Packet Storm
242908 2.1 注意 Debian - tss における任意のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-1877 2012-06-26 16:02 2008-04-12 Show GitHub Exploit DB Packet Storm
242909 7.5 危険 comdev - Comdev News Publisher の home.news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1872 2012-06-26 16:02 2008-04-17 Show GitHub Exploit DB Packet Storm
242910 7.5 危険 geek247 - PIGMy-SQL の getdata.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1870 2012-06-26 16:02 2008-04-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1171 8.3 HIGH
Network 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smb_check_perm_dacl() Both ACE-walk loops in smb_check_perm_dacl() only guard against an under… Update CWE-787
 Out-of-bounds Write 		CVE-2026-31712 2026-05-7 05:16 2026-05-1 Show GitHub Exploit DB Packet Storm
1172 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: rtnetlink: add missing netlink_ns_capable() check for peer netns rtnl_newlink() lacks a CAP_NET_ADMIN capability check on the pee… Update NVD-CWE-noinfo
CVE-2026-31692 2026-05-7 05:05 2026-04-30 Show GitHub Exploit DB Packet Storm
1173 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned by HYPERVISOR_xen_version(XENVER_build_id) is neither NUL t… Update CWE-787
 Out-of-bounds Write 		CVE-2026-31786 2026-05-7 04:44 2026-04-30 Show GitHub Exploit DB Packet Storm
1174 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix double free via VMA splitting privcmd_vm_ops defines .close (privcmd_close), but neither .may_split nor .open. W… Update CWE-415
 Double Free 		CVE-2026-31787 2026-05-7 04:38 2026-04-30 Show GitHub Exploit DB Packet Storm
1175 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuse_add_dirent_to_cache() computes a serialized dirent size from the server-control… Update NVD-CWE-noinfo
CVE-2026-31694 2026-05-7 04:23 2026-05-1 Show GitHub Exploit DB Packet Storm
1176 3.9 LOW
Network 		- - HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modifications to critical system comp… New CWE-1188
 Insecure Default Initialization of Resource 		CVE-2025-31974 2026-05-7 04:20 2026-05-7 Show GitHub Exploit DB Packet Storm
1177 8.8 HIGH
Network 		- - Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code by exploiti… New CWE-184
 Incomplete Blacklist 		CVE-2026-41934 2026-05-7 04:20 2026-05-7 Show GitHub Exploit DB Packet Storm
1178 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: remove SET_NETDEV_DEV to avoid use-after-free Currently we execute `SET_NETDEV_DEV(dev, &priv->lowerdev->dev)` f… Update CWE-416
 Use After Free 		CVE-2026-31695 2026-05-7 04:19 2026-05-1 Show GitHub Exploit DB Packet Storm
1179 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpc_preparse(), there are two paths for parsing key… Update CWE-787
 Out-of-bounds Write 		CVE-2026-31696 2026-05-7 04:17 2026-05-1 Show GitHub Exploit DB Packet Storm
1180 9.8 CRITICAL
Network 		- - OpenCMS v20 and before is vulnerable to XML External Entity (XXE) in the Admin Import DB feature due to insecure XML parsing of user supplied .zip files containing a manifest.xml. Update CWE-611
XXE 		CVE-2026-38429 2026-05-7 04:16 2026-05-6 Show GitHub Exploit DB Packet Storm