Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254771	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254772	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254773	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

254774	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

254775	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3711	7.5	HIGH Network	-	-	The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.7 via the executePayment() function due to missing validation on …	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-3124	2026-04-25 01:36	2026-03-30	Show	GitHub Exploit DB Packet Storm

3712	7.5	HIGH Network	-	-	El plugin Download Monitor para WordPress es vulnerable a Referencia Directa Insegura a Objeto en todas las versiones hasta la 5.1.7, inclusive, a través de la función executePayment() debido a la fa…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-3124	2026-04-25 01:36	2026-03-30	Show	GitHub Exploit DB Packet Storm

3713	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting Running stress-ng --schedpolicy 0 on an RT kernel on a big ma…	NVD-CWE-noinfo	CVE-2026-23371	2026-04-25 01:36	2026-03-25	Show	GitHub Exploit DB Packet Storm

3714	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: sched/deadline: Solucionar la falta de ENQUEUE_REPLENISH durante la des-potenciación PI Ejecutar stress-ng --schedpolicy 0 en un…	NVD-CWE-noinfo	CVE-2026-23371	2026-04-25 01:36	2026-03-25	Show	GitHub Exploit DB Packet Storm

3715	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: nfc: rawsock: cancel tx_work before socket teardown In rawsock_release(), cancel any pending tx_work and purge the write queue be…	NVD-CWE-noinfo	CVE-2026-23372	2026-04-25 01:36	2026-03-25	Show	GitHub Exploit DB Packet Storm

3716	7.8	HIGH Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: nfc: rawsock: cancelar tx_work antes del desmontaje del socket En rawsock_release(), cancelar cualquier tx_work pendiente y purg…	NVD-CWE-noinfo	CVE-2026-23372	2026-04-25 01:36	2026-03-25	Show	GitHub Exploit DB Packet Storm

3717	8.2	HIGH Network	flowiseai	flowise	Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise contains an authentication bypass vulnerability that allows an unauthenticated attacke…	CWE-306 Missing Authentication for Critical Function	CVE-2026-41273	2026-04-25 01:35	2026-04-24	Show	GitHub Exploit DB Packet Storm

3718	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config This triggers a WARN_ON in ieee80211_hw_conf_init and isn't the ex…	NVD-CWE-noinfo	CVE-2026-23373	2026-04-25 01:35	2026-03-25	Show	GitHub Exploit DB Packet Storm

3719	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: wifi: rsi: No usar -EOPNOTSUPP por defecto en rsi_mac80211_config Esto activa un WARN_ON en ieee80211_hw_conf_init y no es el co…	NVD-CWE-noinfo	CVE-2026-23373	2026-04-25 01:35	2026-03-25	Show	GitHub Exploit DB Packet Storm

3720	7.1	HIGH Network	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ProgressionStudios Vayvo vayvo-progression allows Reflected XSS.This issue affects Vayvo: from n/…	CWE-79 Cross-site Scripting	CVE-2026-25373	2026-04-25 01:35	2026-03-26	Show	GitHub Exploit DB Packet Storm