Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240821	4.3	警告	Apache Software Foundation	-	SAP Business Objects などで使用される Apache Axis2/Java の axis2-admin/axis2-admin/engagingglobally におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2103	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

240822	7.5	危険	e107.org	-	e107 の bbcode/php.bb における PHP リモートファイルインクルージョンの脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-2099	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

240823	7.5	危険	e107.org	-	e107 の usersettings.php におけるSQL インジェクション攻撃を誘発される脆弱性	CWE-Other その他	CVE-2010-2098	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

240824	7.5	危険	cmsqlite	-	CMSQlite の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-2096	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

240825	7.5	危険	cmsqlite	-	CMSQlite の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2095	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

240826	7.5	危険	The Cacti Group	-	Cacti の graph.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2092	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

240827	4	警告	Apache Software Foundation	-	IBM WebSphere Application Server などで使用される Apache MyFaces における任意の EL 宣言文を実行される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2086	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

240828	5	警告	シスコシステムズ	-	Cisco Scientific Atlanta WebSTAR DPC2100R2 ケーブルモデムの Web インターフェースにおける特権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-2082	2012-06-26 16:19	2010-05-26	Show	GitHub Exploit DB Packet Storm

240829	7.5	危険	Apache Software Foundation	-	Apache ServiceMix などで使用される Apache CXF における任意のファイルを読まれ任意の HTTP リクエストをサーバに送信される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2076	2012-06-26 16:19	2010-06-16	Show	GitHub Exploit DB Packet Storm

240830	3.3	注意	GNU Project	-	GNU gv における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2010-2056	2012-06-26 16:19	2010-06-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267421	5.4	MEDIUM Network	backbone_project	backbone	backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site…	CWE-79 Cross-site Scripting	CVE-2016-10537	2024-11-21 11:44	2018-06-1	Show	GitHub Exploit DB Packet Storm

267422	5.9	MEDIUM Network	socket	engine.io-client	engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. The vulnerability is related to the …	CWE-295 Improper Certificate Validation	CVE-2016-10536	2024-11-21 11:44	2018-06-1	Show	GitHub Exploit DB Packet Storm

267423	5.9	MEDIUM Network	csrf-lite_project	csrf-lite	csrf-lite is a cross-site request forgery protection library for framework-less node sites. csrf-lite uses `===`, a fail first string comparison, instead of a time constant string comparison This ena…	CWE-310 Cryptographic Issues	CVE-2016-10535	2024-11-21 11:44	2018-06-1	Show	GitHub Exploit DB Packet Storm

267424	5.9	MEDIUM Network	electron-packager_project	electron-packager	electron-packager is a command line tool that packages Electron source code into `.app` and `.exe` packages. along with Electron. The `--strict-ssl` command line option in electron-packager >= 5.2.1 …	CWE-295 Improper Certificate Validation	CVE-2016-10534	2024-11-21 11:44	2018-06-1	Show	GitHub Exploit DB Packet Storm

267425	6.1	MEDIUM Network	marked_project	marked	marked is an application that is meant to parse and compile markdown. Due to the way that marked 0.3.5 and earlier parses input, specifically HTML entities, it's possible to bypass marked's content i…	CWE-79 Cross-site Scripting	CVE-2016-10531	2024-11-21 11:44	2018-06-1	Show	GitHub Exploit DB Packet Storm

267426	5.9	MEDIUM Network	airbrake	airbrake	The airbrake module 0.3.8 and earlier defaults to sending environment variables over HTTP. Environment variables can often times contain secret keys and other sensitive values. A malicious user could…	CWE-310 CWE-200 Cryptographic Issues Information Exposure	CVE-2016-10530	2024-11-21 11:44	2018-06-1	Show	GitHub Exploit DB Packet Storm

267427	8.8	HIGH Network	droppy_project	droppy	Droppy versions <3.5.0 does not perform any verification for cross-domain websocket requests. An attacker is able to make a specially crafted page that can send requests as the context of the current…	CWE-352 Origin Validation Error	CVE-2016-10529	2024-11-21 11:44	2018-06-1	Show	GitHub Exploit DB Packet Storm

267428	4.9	MEDIUM Network	restafary_project	restafary	restafary is a REpresentful State Transfer API for Creating, Reading, Using, Deleting files on a server from the web. Restafary before 1.6.1 is able to set up a root path, which should only allow it …	CWE-22 Path Traversal	CVE-2016-10528	2024-11-21 11:44	2018-06-1	Show	GitHub Exploit DB Packet Storm

267429	8.8	HIGH Network	express-restify-mongoose_project	express-restify-mongoose	express-restify-mongoose is a module to easily create a flexible REST interface for mongoose models. express-restify-mongoose 2.4.2 and earlier and 3.0.X through 3.0.1 allows a malicious user to send…	CWE-200 Information Exposure	CVE-2016-10533	2024-11-21 11:44	2018-06-1	Show	GitHub Exploit DB Packet Storm

267430	9.8	CRITICAL Network	console-io_project	console-io	console-io is a module that allows users to implement a web console in their application. A malicious user could bypass the authentication and execute any command that the user who is running the con…	CWE-287 Improper Authentication	CVE-2016-10532	2024-11-21 11:44	2018-06-1	Show	GitHub Exploit DB Packet Storm