Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 12:07 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
202471 8.8 重要
Network 		The PHP Group - PHP の ext/phar/phar_object.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-4342 2016-10-26 15:26 2016-02-4 Show GitHub Exploit DB Packet Storm
202472 9.8 緊急
Network 		The PHP Group
アップル		 - PHP の ext/mbstring/libmbfl/mbfl/mbfilter.c の mbfl_strcut 関数における整数オーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-4073 2016-10-26 15:26 2016-03-31 Show GitHub Exploit DB Packet Storm
202473 7.5 重要
Network 		The PHP Group
アップル		 - PHP の ext/standard/url.c の php_raw_url_encode 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2016-4070 2016-10-26 15:25 2016-03-31 Show GitHub Exploit DB Packet Storm
202474 9.8 緊急
Network 		The PHP Group
アップル		 - PHP の ext/snmp/snmp.c の php_snmp_error 関数におけるフォーマットストリングの脆弱性 CWE-20
不適切な入力確認 		CVE-2016-4071 2016-10-26 15:24 2016-03-31 Show GitHub Exploit DB Packet Storm
202475 9.8 緊急
Network 		The PHP Group
アップル		 - PHP の Phar エクステンションにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-4072 2016-10-26 15:23 2016-03-31 Show GitHub Exploit DB Packet Storm
202476 9.8 緊急
Network 		LibGD project
Debian		 - GD Graphics Library における整数符号エラーの脆弱性 CWE-189
数値処理の問題 		CVE-2016-3074 2016-10-26 15:22 2016-04-16 Show GitHub Exploit DB Packet Storm
202477 8.1 重要
Network 		オラクル - Oracle Supply Chain Products Suite の Oracle Agile Engineering Data Management における webfileservices に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-5518 2016-10-26 14:33 2016-10-18 Show GitHub Exploit DB Packet Storm
202478 5.5 警告
Local 		オラクル - Oracle E-Business Suite の Oracle Applications DBA における AD Utilities に関する脆弱性 CWE-Other
その他 		CVE-2016-5517 2016-10-26 14:32 2016-10-18 Show GitHub Exploit DB Packet Storm
202479 6 警告
Local 		オラクル - Oracle Database Server の Kernel PDB における脆弱性 CWE-noinfo
情報不足 		CVE-2016-5516 2016-10-26 14:28 2016-10-18 Show GitHub Exploit DB Packet Storm
202480 4.3 警告
Network 		オラクル - Oracle Supply Chain Products Suite の Oracle Agile PLM における File Manager に関する脆弱性 CWE-200
情報漏えい 		CVE-2016-5513 2016-10-26 14:25 2016-10-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345611 - magnoware datatrack_system DataTrack System 3.5 allows remote attackers to list the root directory via a (1) /%u0085/ or (2) /%u00A0/ URI. CWE-20
 Improper Input Validation  		CVE-2010-2078 2017-08-17 10:32 2010-05-26 Show GitHub Exploit DB Packet Storm
345612 - magnoware datatrack_system DataTrack System 3.5 allows remote attackers to bypass intended restrictions on file extensions, and read arbitrary files, via a trailing backslash in a URI, as demonstrated by (1) web.config\ and (2… CWE-20
 Improper Input Validation  		CVE-2010-2079 2017-08-17 10:32 2010-05-26 Show GitHub Exploit DB Packet Storm
345613 - ibm communications_server The npb_protocol_error function in sna V5router64 in IBM Communications Server for Windows 6.1.3 and Communications Server for AIX (aka CSAIX or CS/AIX) in sna.rte before 6.3.1.2 allows remote attack… CWE-20
 Improper Input Validation  		CVE-2010-2090 2017-08-17 10:32 2010-05-28 Show GitHub Exploit DB Packet Storm
345614 - pacifictimesheet pacific_timesheet Cross-site request forgery (CSRF) vulnerability in user/user-set.do in Pacific Timesheet 6.74 build 363 allows remote attackers to hijack the authentication of administrators for requests that create… CWE-352
 Origin Validation Error 		CVE-2010-2111 2017-08-17 10:32 2010-05-29 Show GitHub Exploit DB Packet Storm
345615 - uniformserver uniformserver Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow remote attackers to hijack the authentication of administrators for requests that change passwords via (1)… CWE-352
 Origin Validation Error 		CVE-2010-2113 2017-08-17 10:32 2010-05-29 Show GitHub Exploit DB Packet Storm
345616 - speedtech storm Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary we… CWE-79
Cross-site Scripting 		CVE-2010-2123 2017-08-17 10:32 2010-06-2 Show GitHub Exploit DB Packet Storm
345617 - bartels-schoene conpresso SQL injection vulnerability in firma.php in Bartels Schone ConPresso 4.0.7 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2010-2124 2017-08-17 10:32 2010-06-2 Show GitHub Exploit DB Packet Storm
345618 - systemseed rotor Multiple cross-site scripting (XSS) vulnerabilities in the Rotor Banner module 5.x before 5.x-1.8 and 6.x before 6.x-2.5 for Drupal allow remote authenticated users, with "create rotor item" or "edit… CWE-79
Cross-site Scripting 		CVE-2010-2125 2017-08-17 10:32 2010-06-2 Show GitHub Exploit DB Packet Storm
345619 - snipegallery snipe_gallery Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php… CWE-94
Code Injection 		CVE-2010-2126 2017-08-17 10:32 2010-06-2 Show GitHub Exploit DB Packet Storm
345620 - jv2design jv2_folder_gallery PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the lang_file parameter. CWE-94
Code Injection 		CVE-2010-2127 2017-08-17 10:32 2010-06-2 Show GitHub Exploit DB Packet Storm