Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
238901	10	危険	ヒューレット・パッカード	-	Solaris 上で稼動する HP Operations Agent における任意のコードを実行される脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-0444	2012-09-25 17:38	2010-02-8	Show	GitHub Exploit DB Packet Storm

238902	6.8	警告	ヒューレット・パッカード	-	Alpha プラットフォームで稼動する HP OpenVMS の RMS における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0443	2012-09-25 17:38	2010-02-2	Show	GitHub Exploit DB Packet Storm

238903	6.5	警告	OTRS プロジェクト	-	OTRS の OTRS-Core の Kernel/System/Ticket.pm における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0438	2012-09-25 17:38	2010-02-8	Show	GitHub Exploit DB Packet Storm

238904	4	警告	OpenTTD	-	OpenTTD におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-0406	2012-09-25 17:38	2010-05-5	Show	GitHub Exploit DB Packet Storm

238905	6.5	警告	OpenTTD	-	OpenTTD におけるサービス運用妨害 (DoS) の脆弱性	CWE-94 コード・インジェクション	CVE-2010-0402	2012-09-25 17:38	2010-05-5	Show	GitHub Exploit DB Packet Storm

238906	6.5	警告	OpenTTD	-	OpenTTD におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0401	2012-09-25 17:38	2010-05-5	Show	GitHub Exploit DB Packet Storm

238907	7.5	危険	Mahara	-	mahara の lib/user.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0400	2012-09-25 17:38	2010-04-7	Show	GitHub Exploit DB Packet Storm

238908	6.8	警告	nanosleep	-	Trac Git プラグインの PyGIT.py における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0394	2012-09-25 17:38	2010-02-3	Show	GitHub Exploit DB Packet Storm

238909	5	警告	JCE-Tech.com	-	JCE-Tech PHP Calendars の install.php におけるアクセス制限を回避する脆弱性	CWE-16 CWE-264	CVE-2010-0380	2012-09-25 17:38	2010-01-22	Show	GitHub Exploit DB Packet Storm

238910	4.3	警告	JCE-Tech.com	-	JCE-Tech PHP Calendars の product_list.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0376	2012-09-25 17:38	2010-01-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
285671	-	reality66	cart66_lite	SQL injection vulnerability in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the q parameter in a …	CWE-89 SQL Injection	CVE-2014-9442	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285672	-	lightbox_photo_gallery_project	lightbox_photo_gallery	Multiple cross-site request forgery (CSRF) vulnerabilities in the Lightbox Photo Gallery plugin 1.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests th…	CWE-352 Origin Validation Error	CVE-2014-9441	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285673	-	phpmyrecipes_project	phpmyrecipes	SQL injection vulnerability in browse.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the category parameter.	CWE-89 SQL Injection	CVE-2014-9440	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285674	-	efssoft	easy_file_sharing_web_server	Cross-site scripting (XSS) vulnerability in Easy File Sharing Web Server 6.8 allows remote attackers to inject arbitrary web script or HTML via the username field during registration, which is not pr…	CWE-79 Cross-site Scripting	CVE-2014-9439	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285675	-	vbulletin	vbulletin	Cross-site request forgery (CSRF) vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that (1) ban a us…	CWE-352 Origin Validation Error	CVE-2014-9438	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285676	-	sliding_social_icons_project	sliding_social_icons	Multiple cross-site request forgery (CSRF) vulnerabilities in the Sliding Social Icons plugin 1.61 for WordPress allow remote attackers to hijack the authentication of administrators for requests tha…	CWE-352 Origin Validation Error	CVE-2014-9437	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285677	-	sysaid	sysaid	Absolute path traversal vulnerability in SysAid On-Premise before 14.4.2 allows remote attackers to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile.	CWE-22 Path Traversal	CVE-2014-9436	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285678	-	absolutengine	absolut_engine	Multiple SQL injection vulnerabilities in Absolut Engine 1.73 allow remote authenticated users to execute arbitrary SQL commands via the (1) sectionID parameter to admin/managersection.php, (2) userI…	CWE-89 SQL Injection	CVE-2014-9435	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285679	-	absolutengine	absolut_engine	Cross-site scripting (XSS) vulnerability in admin/managerrelated.php in the administrative backend in Absolut Engine 1.73 allows remote authenticated users to inject arbitrary web script or HTML via …	CWE-79 Cross-site Scripting	CVE-2014-9434	2024-11-21 11:20	2015-01-3	Show	GitHub Exploit DB Packet Storm

285680	-	contenido	contendio	Multiple cross-site scripting (XSS) vulnerabilities in cms/front_content.php in Contenido before 4.9.6, when advanced mod rewrite (AMR) is disabled, allow remote attackers to inject arbitrary web scr…	CWE-79 Cross-site Scripting	CVE-2014-9433	2024-11-21 11:20	2015-01-1	Show	GitHub Exploit DB Packet Storm