Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
206191 8.2 重要
Network
filedownload project - WordPress 用 filedownload プラグインの Open Proxy における脆弱性 CWE-20
不適切な入力確認
CVE-2015-1000002 2016-10-19 16:56 2015-07-11 Show GitHub Exploit DB Packet Storm
206192 6.1 警告
Network
wpsolr.com - WordPress 用 wpsolr-search-engine プラグインにおける反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-1000155 2016-10-19 16:55 2016-02-9 Show GitHub Exploit DB Packet Storm
206193 6.1 警告
Network
Browserweb Inc. - WordPress 用 whizz プラグインにおける反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-1000154 2016-10-19 16:55 2016-02-9 Show GitHub Exploit DB Packet Storm
206194 6.1 警告
Network
tidio-gallery project - WordPress 用 tidio-gallery プラグインにおける反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-1000153 2016-10-19 16:55 2016-02-9 Show GitHub Exploit DB Packet Storm
206195 6.1 警告
Network
tidio-form project - WordPress 用 tidio-form プラグインにおける反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-1000152 2016-10-19 16:55 2016-02-9 Show GitHub Exploit DB Packet Storm
206196 6.1 警告
Network
tera-charts project - WordPress 用 tera-charts プラグインにおける反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-1000151 2016-10-19 16:55 2016-02-9 Show GitHub Exploit DB Packet Storm
206197 6.1 警告
Network
Oxford Information Labs Limited - WordPress 用 simplified-content プラグインにおける反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-1000150 2016-10-19 16:55 2016-02-9 Show GitHub Exploit DB Packet Storm
206198 6.1 警告
Network
simpel-reserveren project - WordPress 用 simpel-reserveren プラグインにおける反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-1000149 2016-10-19 16:55 2016-02-9 Show GitHub Exploit DB Packet Storm
206199 6.1 警告
Network
Anthony Mills - WordPress 用 S3 Video プラグインにおける反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-1000148 2016-10-19 16:55 2016-02-9 Show GitHub Exploit DB Packet Storm
206200 6.1 警告
Network
recipes-writer project - WordPress 用 recipes-writer プラグインにおける反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2016-1000147 2016-10-19 16:54 2016-02-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347241 - sun jre
jdk
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availabil… NVD-CWE-noinfo
CVE-2010-0838 2018-10-11 04:53 2010-04-2 Show GitHub Exploit DB Packet Storm
347242 - sun jre
jdk
Per: http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html 'Affected product releases and versions: • Java SE: • JDK and JRE 6 Update 18 an… NVD-CWE-noinfo
CVE-2010-0838 2018-10-11 04:53 2010-04-2 Show GitHub Exploit DB Packet Storm
347243 - roger_lopez
thomas_turnbull
nodeblock Cross-site scripting (XSS) vulnerability in the Node Blocks module 5.x-1.1 and earlier, and 6.x-1.3 and earlier, a module for Drupal, allows remote authenticated users, with permissions to create or … CWE-79
Cross-site Scripting
CVE-2010-0370 2018-10-11 04:52 2010-01-22 Show GitHub Exploit DB Packet Storm
347244 - phpgroupware phpgroupware Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter. CWE-22
Path Traversal
CVE-2010-0403 2018-10-11 04:52 2010-05-19 Show GitHub Exploit DB Packet Storm
347245 - phpgroupware phpgroupware Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before 0.9.16.016 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) class.sessions_db.inc.php, … CWE-89
SQL Injection
CVE-2010-0404 2018-10-11 04:52 2010-05-19 Show GitHub Exploit DB Packet Storm
347246 - todd_miller sudo sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary direct… CWE-264
Permissions, Privileges, and Access Controls
CVE-2010-0426 2018-10-11 04:52 2010-02-25 Show GitHub Exploit DB Packet Storm
347247 - todd_miller sudo sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. CWE-264
Permissions, Privileges, and Access Controls
CVE-2010-0427 2018-10-11 04:52 2010-02-26 Show GitHub Exploit DB Packet Storm
347248 - chip_salzenberg deliver Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive information, and possibly change the ownership of arbitrary files via a symlink attack on an unspecified file. CWE-59
Link Following
CVE-2010-0439 2018-10-11 04:52 2010-03-27 Show GitHub Exploit DB Packet Storm
347249 - asterisk asterisk Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemo… CWE-20
 Improper Input Validation 
CVE-2010-0441 2018-10-11 04:52 2010-02-5 Show GitHub Exploit DB Packet Storm
347250 - hp openview_performance_insight The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbi… CWE-287
Improper Authentication
CVE-2010-0447 2018-10-11 04:52 2010-03-11 Show GitHub Exploit DB Packet Storm