Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
222551	4.3	警告	Conceptronic	-	Conceptronic C54APM アクセスポイントの goform/formWlSiteSurvey における CRLF インジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2014-1406	2014-01-15 10:09	2014-01-7	Show	GitHub Exploit DB Packet Storm

222552	5.8	警告	Conceptronic	-	Conceptronic C54APM アクセスポイントにおけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2014-1405	2014-01-15 10:08	2014-01-7	Show	GitHub Exploit DB Packet Storm

222553	3.5	注意	MantisBT Group	-	MantisBT の account_sponsor_page.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-4460	2014-01-15 10:00	2013-10-19	Show	GitHub Exploit DB Packet Storm

222554	6.4	警告	Jethro Carr	-	Amberdms Billing System におけるアクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-5291	2014-01-14 18:45	2010-03-8	Show	GitHub Exploit DB Packet Storm

222555	1.9	注意	Jethro Carr	-	Amberdms Billing System における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-5292	2014-01-14 18:43	2010-03-8	Show	GitHub Exploit DB Packet Storm

222556	7.4	危険	シマンテック	-	Symantec Endpoint Protection および Endpoint Protection Small Business Edition における権限を取得される脆弱性	CWE-287 不適切な認証	CVE-2013-5009	2014-01-14 18:39	2014-01-9	Show	GitHub Exploit DB Packet Storm

222557	4.6	警告	シマンテック	-	Symantec Endpoint Protection および Endpoint Protection Small Business Edition におけるポリシー制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-5010	2014-01-14 18:35	2014-01-9	Show	GitHub Exploit DB Packet Storm

222558	7.2	危険	シマンテック	-	Symantec Endpoint Protection および Endpoint Protection Small Business Edition における権限を取得される脆弱性	CWE-22 パス・トラバーサル	CVE-2013-5011	2014-01-14 18:32	2014-01-9	Show	GitHub Exploit DB Packet Storm

222559	4.3	警告	MyBB Group	-	MyBB の inc/class_parser.php 内の mycode_parse_video 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-7288	2014-01-14 18:07	2013-12-3	Show	GitHub Exploit DB Packet Storm

222560	4.3	警告	Andy's PHP Knowledgebase Project	-	Andy's PHP Knowledgebase の register.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-7289	2014-01-14 17:58	2013-12-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
272861	7.2	HIGH Network	piwigo	piwigo	admin/batch_manager.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the $page['tab'] variable (aka the mode parameter).	CWE-284 Improper Access Control	CVE-2016-10084	2024-11-21 11:43	2016-12-30	Show	GitHub Exploit DB Packet Storm

272862	6.1	MEDIUM Network	piwigo	piwigo	Cross-site scripting (XSS) vulnerability in admin/plugin.php in Piwigo through 2.8.3 allows remote attackers to inject arbitrary web script or HTML via a crafted filename that is mishandled in a cert…	CWE-79 Cross-site Scripting	CVE-2016-10083	2024-11-21 11:43	2016-12-30	Show	GitHub Exploit DB Packet Storm

272863	9.8	CRITICAL Network	s9y	serendipity	include/functions_installer.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion and a possible Code Execution attack during a first-time installation because it fails to sanitize the…	CWE-284 Improper Access Control	CVE-2016-10082	2024-11-21 11:43	2016-12-30	Show	GitHub Exploit DB Packet Storm

272864	7.8	HIGH Local	shutter-project	shutter	/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action.	CWE-19 Data Processing Errors	CVE-2016-10081	2024-11-21 11:43	2016-12-30	Show	GitHub Exploit DB Packet Storm

272865	7.5	HIGH Local	wampserver	wampserver	WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary co…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-10072	2024-11-21 11:43	2016-12-27	Show	GitHub Exploit DB Packet Storm

272866	7.5	HIGH Local	wampserver	wampserver	WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged l…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-10031	2024-11-21 11:43	2016-12-27	Show	GitHub Exploit DB Packet Storm

272867	6.1	MEDIUM Network	antisamy_project	antisamy	In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. The impac…	CWE-79 Cross-site Scripting	CVE-2016-10006	2024-11-21 11:43	2016-12-25	Show	GitHub Exploit DB Packet Storm

272868	7.5	HIGH Network	sprecher-automation	sprecon-e_service_program	An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Under certain preconditions, it is possible to execute telegram simulation as a non-admin user. As prerequisi…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-10041	2024-11-21 11:43	2016-12-25	Show	GitHub Exploit DB Packet Storm

272869	7.3	HIGH Network	modx	modx_revolution	Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to …	CWE-22 Path Traversal	CVE-2016-10039	2024-11-21 11:43	2016-12-24	Show	GitHub Exploit DB Packet Storm

272870	7.3	HIGH Network	modx	modx_revolution	Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to …	CWE-22 Path Traversal	CVE-2016-10038	2024-11-21 11:43	2016-12-24	Show	GitHub Exploit DB Packet Storm