Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 16, 2026, 10:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191251 6.1 警告
Network 		XWiki - XWiki labs の CryptPad の pad エクスポートにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-1000051 2017-08-8 13:43 2017-03-3 Show GitHub Exploit DB Packet Storm
191252 6.1 警告
Network 		Apache Software Foundation - Apache Sling の XSS Protection API モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-5394 2017-08-8 13:41 2016-06-10 Show GitHub Exploit DB Packet Storm
191253 4.9 警告
Network 		Sitecore - Sitecore における絶対パストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2017-11440 2017-08-8 12:30 2017-05-5 Show GitHub Exploit DB Packet Storm
191254 5.4 警告
Network 		Sitecore - Sitecore における反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-11439 2017-08-8 12:30 2017-05-5 Show GitHub Exploit DB Packet Storm
191255 7.8 重要
Local 		Alpine Linux Development Team - apk におけるヒープオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-9671 2017-08-8 12:09 2017-06-25 Show GitHub Exploit DB Packet Storm
191256 7.8 重要
Local 		Alpine Linux Development Team - apk におけるヒープオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-9669 2017-08-8 12:09 2017-06-25 Show GitHub Exploit DB Packet Storm
191257 6.5 警告
Network 		Exiv2 project - Exiv2 の XmpParser::terminate() 関数におけるセグメンテーション違反を引き起こされる脆弱性 CWE-20
不適切な入力確認 		CVE-2017-11340 2017-08-8 11:57 2017-07-14 Show GitHub Exploit DB Packet Storm
191258 6.5 警告
Network 		Exiv2 project - Exiv2 の image.cpp の Image::printIFDStructure 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-11339 2017-08-8 11:57 2017-07-14 Show GitHub Exploit DB Packet Storm
191259 6.5 警告
Network 		Exiv2 project - Exiv2 の image.cpp の Exiv2::Image::printIFDStructure 関数における無限ループを引き起こされる脆弱性 CWE-20
不適切な入力確認 		CVE-2017-11338 2017-08-8 11:57 2017-07-13 Show GitHub Exploit DB Packet Storm
191260 6.5 警告
Network 		Exiv2 project - Exiv2 の actions.cpp の Action::TaskFactory::cleanup 関数における不正な解放を引き起こされる脆弱性 CWE-416
解放済みメモリの使用 		CVE-2017-11337 2017-08-8 11:57 2017-07-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
348451 - johnmccollum com_advertising Directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (… CWE-22
Path Traversal 		CVE-2010-1473 2010-06-11 13:00 2010-04-20 Show GitHub Exploit DB Packet Storm
348452 - alphaplug com_alphauserpoints Directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact v… CWE-22
Path Traversal 		CVE-2010-1476 2010-06-11 13:00 2010-04-20 Show GitHub Exploit DB Packet Storm
348453 - martin_hess com_sermonspeaker SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a latest_serm… CWE-89
SQL Injection 		CVE-2010-1477 2010-06-11 13:00 2010-04-20 Show GitHub Exploit DB Packet Storm
348454 - ternaria com_jfeedback Directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other … CWE-22
Path Traversal 		CVE-2010-1478 2010-06-11 13:00 2010-04-20 Show GitHub Exploit DB Packet Storm
348455 - rockettheme com_rokmodule SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter in a raw action to index.ph… CWE-89
SQL Injection 		CVE-2010-1479 2010-06-11 13:00 2010-04-20 Show GitHub Exploit DB Packet Storm
348456 - pligg pligg_cms Multiple cross-site request forgery (CSRF) vulnerabilities in Pligg before 1.0.3 allow remote attackers to hijack the authentication of administrators for requests that create user accounts or have u… CWE-352
 Origin Validation Error 		CVE-2009-4787 2010-06-11 13:00 2010-04-21 Show GitHub Exploit DB Packet Storm
348457 - shape5 bridge_of_hope_template SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. CWE-89
SQL Injection 		CVE-2010-2254 2010-06-10 13:00 2010-06-10 Show GitHub Exploit DB Packet Storm
348458 - tamlyncreative com_bfsurvey_profree
com_bfsurvey_pro
com_bfsurvey_basic 		SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joo… CWE-89
SQL Injection 		CVE-2010-2255 2010-06-10 13:00 2010-06-10 Show GitHub Exploit DB Packet Storm
348459 - payperviewvideosoftware pay_per_minute_video_chat_script Multiple cross-site scripting (XSS) vulnerabilities in Pay Per Minute Video Chat Script 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/mem… CWE-79
Cross-site Scripting 		CVE-2010-2256 2010-06-10 13:00 2010-06-10 Show GitHub Exploit DB Packet Storm
348460 - payperviewvideosoftware pay_per_minute_video_chat_script SQL injection vulnerability in index_ie.php in Pay Per Minute Video Chat Script 2.0 and 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter. CWE-89
SQL Injection 		CVE-2010-2257 2010-06-10 13:00 2010-06-10 Show GitHub Exploit DB Packet Storm