Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
205841	4.3	警告	XZERES Wind Corp	-	XZERES 442SR Wind Turbines 上で稼動する 442SR OS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-2287	2016-03-22 18:16	2016-03-21	Show	GitHub Exploit DB Packet Storm

205842	4.3	警告	Novell	-	Novell Filr におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-5968	2016-03-22 18:10	2015-12-11	Show	GitHub Exploit DB Packet Storm

205843	4.3	警告	IBM	-	IBM WebSphere Application Server の OpenID Connect クライアント Web アプリケーションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-0283	2016-03-22 18:03	2016-03-18	Show	GitHub Exploit DB Packet Storm

205844	4	警告	IBM	-	IBM WebSphere Process Server および Business Process Manager Advanced におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-7454	2016-03-22 18:03	2015-09-29	Show	GitHub Exploit DB Packet Storm

205845	9	危険	IBM	-	IBM Tivoli NetView Access Services における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-9768	2016-03-22 18:03	2014-09-28	Show	GitHub Exploit DB Packet Storm

205846	4	警告	DELL EMC (旧 EMC Corporation)	-	EMC Documentum xCP における重要なユーザアカウントのメタデータを取得される脆弱性	CWE-200 情報漏えい	CVE-2016-0886	2016-03-22 16:14	2016-03-7	Show	GitHub Exploit DB Packet Storm

205847	10	危険	Google	-	Android のメディアサーバの libvpx における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-1621	2016-03-22 15:57	2016-03-7	Show	GitHub Exploit DB Packet Storm

205848	6.6	警告	Google	-	Android のセットアップウィザードにおける Factory Reset Protection 保護メカニズムを回避される脆弱性	CWE-264 CWE-Other	CVE-2016-0832	2016-03-22 15:57	2016-03-7	Show	GitHub Exploit DB Packet Storm

205849	4.3	警告	Google	-	Android の Telephony の internal/telephony/PhoneSubInfoController.java における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2016-0831	2016-03-22 15:57	2016-03-7	Show	GitHub Exploit DB Packet Storm

205850	3.3	注意	Google	-	Android の Bluetooth の btif_config.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2016-0830	2016-03-22 15:57	2016-03-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
351981	-	zimbllc	com_zimbcomment	Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a ..…	CWE-22 Path Traversal	CVE-2010-1602	2010-04-30 13:00	2010-04-30	Show	GitHub Exploit DB Packet Storm

351982	-	zimbllc	com_zimbcore	Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly…	CWE-22 Path Traversal	CVE-2010-1603	2010-04-30 13:00	2010-04-30	Show	GitHub Exploit DB Packet Storm

351983	-	vpasp	vp-asp_shopping_cart	Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to inject arbitrary web script or HTML via…	CWE-79 Cross-site Scripting	CVE-2010-1590	2010-04-29 13:00	2010-04-29	Show	GitHub Exploit DB Packet Storm

351984	-	sisoftware	sandra	sandra.sys 15.18.1.1 and earlier in the Sandra Device Driver in SiSoftware Sandra 16.10.2010.1 and earlier allows local users to gain privileges or cause a denial of service (system crash) via unspec…	CWE-20 Improper Input Validation	CVE-2010-1592	2010-04-29 13:00	2010-04-29	Show	GitHub Exploit DB Packet Storm

351985	-	vmware	server	Cross-site scripting (XSS) vulnerability in WebAccess in VMware Server 2.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to JSON error messages.	CWE-79 Cross-site Scripting	CVE-2010-1193	2010-04-28 14:46	2010-04-2	Show	GitHub Exploit DB Packet Storm

351986	-	moinmo	moinmoin	MoinMoin 1.7.1 allows remote attackers to bypass the textcha protection mechanism by modifying the textcha-question and textcha-answer fields to have empty values.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-1238	2010-04-28 14:46	2010-04-6	Show	GitHub Exploit DB Packet Storm

351987	-	vmware	virtualcenter server esx_server	WebAccess in VMware VirtualCenter 2.0.2 and 2.5, VMware Server 2.0, and VMware ESX 3.0.3 and 3.5 allows remote attackers to leverage proxy-server functionality to spoof the origin of requests via uns…	CWE-20 Improper Input Validation	CVE-2010-0686	2010-04-28 14:45	2010-04-2	Show	GitHub Exploit DB Packet Storm

351988	-	martin_hess	com_sermonspeaker	SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a speakerpopu…	CWE-89 SQL Injection	CVE-2010-1559	2010-04-28 13:00	2010-04-28	Show	GitHub Exploit DB Packet Storm

351989	-	dlink	dir-615	The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, …	CWE-287 Improper Authentication	CVE-2009-4821	2010-04-28 13:00	2010-04-28	Show	GitHub Exploit DB Packet Storm

351990	-	james_glasgow john_vandervort	autologout	Cross-site scripting (XSS) vulnerability in the Automated Logout module 6.x-1.x before 6.x-1.7 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users with administer autologout privi…	CWE-79 Cross-site Scripting	CVE-2009-4829	2010-04-28 13:00	2010-04-28	Show	GitHub Exploit DB Packet Storm