Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
200741	6.3	警告 Network	WordPress.org	-	WordPress のアップグレードパッケージのアップローダにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2016-7169	2017-01-17 14:27	2016-09-7	Show	GitHub Exploit DB Packet Storm

200742	4.8	警告 Network	WordPress.org	-	WordPress の wp-admin/includes/media.php の media_handle_upload 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-7168	2017-01-17 14:27	2016-09-7	Show	GitHub Exploit DB Packet Storm

200743	7.8	重要 Local	Linux	-	Linux Kernel のプロファイリングサブシステムにおける権限を取得される脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2016-9754	2017-01-17 10:57	2016-06-1	Show	GitHub Exploit DB Packet Storm

200744	7.3	重要 Network	MetalGenix	-	GeniXCMS の register.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2016-10096	2017-01-17 10:46	2016-08-14	Show	GitHub Exploit DB Packet Storm

200745	7.5	重要 Network	The Tor Project	-	Tor におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-8860	2017-01-17 10:44	2016-10-17	Show	GitHub Exploit DB Packet Storm

200746	9.8	緊急 Network	ICU project	-	C/C++ 用 International Components for Unicode の common/uresbund.cpp の ures_getByKeyWithFallback 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-9911	2017-01-17 10:14	2014-05-9	Show	GitHub Exploit DB Packet Storm

200747	7.5	重要 Network	ForgeRock	-	OpenAM - Access Management の /SSOPOST/metaAlias/%realm%/idpv2 における任意のファイルを読まれる脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2016-10097	2017-01-17 09:54	2016-03-20	Show	GitHub Exploit DB Packet Storm

200748	3.7	低 Network	Dotclear	-	Dotclear におけるパスワードリセットのアドレスのリンクを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-7903	2017-01-16 18:17	2016-11-1	Show	GitHub Exploit DB Packet Storm

200749	8.8	重要 Network	Dotclear	-	Dotclear の fileUnzip->unzip メソッドにおける任意のコードを実行される脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2016-7902	2017-01-16 18:17	2016-11-1	Show	GitHub Exploit DB Packet Storm

200750	9.8	緊急 Network	ベリタス	-	Veritas NetBackup アプライアンスの scripts/license.pl における任意のコマンドを実行される脆弱性	CWE-77 コマンドインジェクション	CVE-2016-7399	2017-01-16 17:51	2016-10-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345561	-	symantec	altiris_notification_server	The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on…	CWE-255 Credentials Management	CVE-2009-3035	2017-08-17 10:31	2010-02-3	Show	GitHub Exploit DB Packet Storm

345562	-	realnetworks	realplayer realplayer_enterprise realplayer_sp helix_player	RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Pla…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-4243	2017-08-17 10:31	2010-01-26	Show	GitHub Exploit DB Packet Storm

345563	-	realnetworks	realplayer realplayer_enterprise realplayer_sp helix_player	Specific affected release information can be found from RealNetworks at: http://service.real.com/realplayer/security/01192010_player/en/	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2009-4243	2017-08-17 10:31	2010-01-26	Show	GitHub Exploit DB Packet Storm

345564	-	accellion	secure_file_transfer_appliance	Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping c…	CWE-78 OS Command	CVE-2009-4644	2017-08-17 10:31	2010-02-20	Show	GitHub Exploit DB Packet Storm

345565	-	accellion	secure_file_transfer_appliance	Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. (dot dot) in the la…	CWE-22 Path Traversal	CVE-2009-4645	2017-08-17 10:31	2010-02-20	Show	GitHub Exploit DB Packet Storm

345566	-	accellion	secure_file_transfer_appliance	Cross-site scripting (XSS) vulnerability in Accellion Secure File Transfer Appliance before 7_0_296 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is…	CWE-79 Cross-site Scripting	CVE-2009-4647	2017-08-17 10:31	2010-02-20	Show	GitHub Exploit DB Packet Storm

345567	-	accellion	secure_file_transfer_appliance	Accellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that run with extra sudo privileges, which allows local administrators to…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2009-4648	2017-08-17 10:31	2010-02-20	Show	GitHub Exploit DB Packet Storm

345568	-	geccbblite	geccbblite	Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 allow remote attackers to inject arbitrary web script or HTML via the postatoda parameter to (1) rispondi.php and (2) scrivi.php,…	CWE-79 Cross-site Scripting	CVE-2009-4649	2017-08-17 10:31	2010-02-23	Show	GitHub Exploit DB Packet Storm

345569	-	novell	edirectory	The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.	CWE-310 Cryptographic Issues	CVE-2009-4655	2017-08-17 10:31	2010-02-27	Show	GitHub Exploit DB Packet Storm

345570	-	novell	groupwise	Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 7.0 before 7.03 HP4 and 8.0 before 8.0 SP1 allows remote attackers to inject arbitrary web script or HTML via t…	CWE-79 Cross-site Scripting	CVE-2009-4662	2017-08-17 10:31	2010-03-4	Show	GitHub Exploit DB Packet Storm