Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230851 3.6 注意 Simon Phillips - Joomla! 用の Aardvertiser コンポーネントにおける特定のファイルを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3028 2012-12-20 19:29 2010-08-16 Show GitHub Exploit DB Packet Storm
230852 7.5 危険 tycoon - Tycoon Baseball Script の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3027 2012-12-20 19:29 2010-08-16 Show GitHub Exploit DB Packet Storm
230853 5 警告 Wireshark - Wireshark の GSM A RR 解析子におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2010-2992 2012-12-20 19:29 2010-06-21 Show GitHub Exploit DB Packet Storm
230854 9.3 危険 raphael assenat - libmikmod の loaders/load_it.c におけるバッファオーバーリードを誘発される脆弱性 CWE-119
バッファエラー 		CVE-2010-2971 2012-12-20 19:29 2010-08-5 Show GitHub Exploit DB Packet Storm
230855 7.8 危険 ウインドリバー株式会社 - Wind River VxWorks の FTP デーモンにおけるアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2968 2012-12-20 19:29 2010-08-5 Show GitHub Exploit DB Packet Storm
230856 7.8 危険 ウインドリバー株式会社 - Wind River VxWorks の loginLib におけるアクセス権を取得される脆弱性 CWE-310
暗号の問題 		CVE-2010-2967 2012-12-20 19:29 2010-08-5 Show GitHub Exploit DB Packet Storm
230857 7.8 危険 ウインドリバー株式会社 - Wind River VxWorks の INCLUDE_SECURITY 機能におけるアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-2966 2012-12-20 19:29 2010-08-5 Show GitHub Exploit DB Packet Storm
230858 10 危険 Rockwell Automation
ウインドリバー株式会社		 - Rockwell Automation 1756-ENBT series A で使用されている Wind River VxWorks における任意のメモリ領域を読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2965 2012-12-20 19:29 2010-08-5 Show GitHub Exploit DB Packet Storm
230859 6.9 警告 simone rota - SLiM における権限を取得される脆弱性 CWE-16
環境設定 		CVE-2010-2945 2012-12-20 19:29 2010-08-30 Show GitHub Exploit DB Packet Storm
230860 5 警告 VideoLAN - VideoLAN VLC Media Player の TagLib プラグインにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2937 2012-12-20 19:29 2010-08-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 25, 2026, 4:04 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
295441 - machform machform Cross-site scripting (XSS) vulnerability in view.php in Machform 2 allows remote attackers to inject arbitrary web script or HTML via the element_2 parameter. CWE-79
Cross-site Scripting 		CVE-2013-4950 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
295442 - machform machform Unrestricted file upload vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in t… NVD-CWE-Other
CVE-2013-4949 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
295443 - machform machform SQL injection vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary SQL commands via the element_2 parameter. CWE-89
SQL Injection 		CVE-2013-4948 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
295444 - sawmill sawmill Unspecified vulnerability in the update and build database page in Sawmill before 8.6.3 allows remote attackers to have unknown impact and attack vectors. NVD-CWE-noinfo
CVE-2013-4947 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
295445 - bmc service_desk_express Multiple cross-site scripting (XSS) vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to inject arbitrary web script or HTML via the (1) SelTab parameter to QV_admin.… CWE-79
Cross-site Scripting 		CVE-2013-4946 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
295446 - bmc service_desk_express Multiple SQL injection vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to execute arbitrary SQL commands via the (1) ASPSESSIONIDASSRATTQ, (2) TABLE_WIDGET_1, (3) T… CWE-89
SQL Injection 		CVE-2013-4945 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
295447 - fusedpress buddypress-extended-frienship-request Cross-site scripting (XSS) vulnerability in the BuddyPress Extended Friendship Request plugin before 1.0.2 for WordPress, when the "Friend Connections" component is enabled, allows remote attackers t… CWE-79
Cross-site Scripting 		CVE-2013-4944 2024-11-21 10:56 2013-07-30 Show GitHub Exploit DB Packet Storm
295448 - freebsd freebsd The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS server implementation in the kernel in FreeBSD 8.3 and 9.x through 9.1-RELEASE-p5 controls authorization for host/subnet export entr… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2013-4851 2024-11-21 10:56 2013-07-29 Show GitHub Exploit DB Packet Storm
295449 - isc
suse
novell
opensuse
freebsd
mandriva
redhat
fedoraproject
hp
slackware 		bind
suse_linux_enterprise_software_development_kit
suse_linux
dnsco_bind
opensuse
freebsd
business_server
enterprise_server
enterprise_linux
fedora
hp-ux
slackware_l… 		The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remo… NVD-CWE-noinfo
CVE-2013-4854 2024-11-21 10:56 2013-07-29 Show GitHub Exploit DB Packet Storm
295450 - yahoo
moodle 		yui
moodle 		Cross-site scripting (XSS) vulnerability in flashuploader.swf in the Uploader component in Yahoo! YUI 3.5.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2… CWE-79
Cross-site Scripting 		CVE-2013-4942 2024-11-21 10:56 2013-07-29 Show GitHub Exploit DB Packet Storm