Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 14, 2026, 12:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
240861 6.8 警告 Google - Google Chrome の PDF 機能における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-2828 2012-06-28 15:48 2012-06-26 Show GitHub Exploit DB Packet Storm
240862 7.5 危険 Google - Mac OS X 上で稼働する Google Chrome の UI におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-2827 2012-06-28 15:45 2012-06-26 Show GitHub Exploit DB Packet Storm
240863 5 警告 Google - Google Chrome の PDF 機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2012-2822 2012-06-28 15:28 2012-06-26 Show GitHub Exploit DB Packet Storm
240864 7.2 危険 Google - Google Chrome における権限を取得される脆弱性 CWE-Other
その他 		CVE-2012-2764 2012-06-28 14:19 2012-06-26 Show GitHub Exploit DB Packet Storm
240865 4 警告 Digium - Certified Asterisk および Asterisk Open Source におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-2948 2012-06-27 16:24 2012-05-25 Show GitHub Exploit DB Packet Storm
240866 2.6 注意 Digium - Certified Asterisk および Asterisk Open Source におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性 CWE-16
環境設定 		CVE-2012-2947 2012-06-27 16:23 2012-05-29 Show GitHub Exploit DB Packet Storm
240867 7.5 危険 The OTR Development Team - Pidgin 用の OTR pidgin-otr プラグインにおけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2012-2369 2012-06-27 15:35 2012-05-16 Show GitHub Exploit DB Packet Storm
240868 4.3 警告 アドビシステムズ
日立		 - Adobe RoboHelp および RoboHelp Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0524 2012-06-27 13:52 2009-02-24 Show GitHub Exploit DB Packet Storm
240869 3.5 注意 Apache Software Foundation - Apache Roller におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2381 2012-06-27 11:20 2012-06-26 Show GitHub Exploit DB Packet Storm
240870 9.3 危険 Apache Software Foundation - Apache Roller の admin/editor コンソールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2380 2012-06-27 11:18 2012-06-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267271 4.7 MEDIUM
Local 		linux
debian 		linux_kernel
debian_linux 		In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated w… CWE-362
Race Condition 		CVE-2016-10741 2024-11-21 11:44 2019-02-2 Show GitHub Exploit DB Packet Storm
267272 4.9 MEDIUM
Network 		atlassian crowd Various resources in Atlassian Crowd before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories by examining the responses to reques… CWE-200
Information Exposure 		CVE-2016-10740 2024-11-21 11:44 2019-01-29 Show GitHub Exploit DB Packet Storm
267273 5.3 MEDIUM
Local 		gnu
opensuse 		glibc
leap 		In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, whic… CWE-20
 Improper Input Validation  		CVE-2016-10739 2024-11-21 11:44 2019-01-22 Show GitHub Exploit DB Packet Storm
267274 8.8 HIGH
Network 		castlamp zenbership Zenbership v107 has CSRF via admin/cp-functions/event-add.php. CWE-352
 Origin Validation Error 		CVE-2016-10738 2024-11-21 11:44 2019-01-16 Show GitHub Exploit DB Packet Storm
267275 5.4 MEDIUM
Network 		s9y serendipity Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[body] parameter. CWE-79
Cross-site Scripting 		CVE-2016-10737 2024-11-21 11:44 2019-01-16 Show GitHub Exploit DB Packet Storm
267276 6.1 MEDIUM
Network 		devpups social_pug The "Social Pug - Easy Social Share Buttons" plugin before 1.2.6 for WordPress allows XSS via the wp-admin/admin.php?page=dpsp-toolkit dpsp_message_class parameter. CWE-79
Cross-site Scripting 		CVE-2016-10736 2024-11-21 11:44 2019-01-10 Show GitHub Exploit DB Packet Storm
267277 6.1 MEDIUM
Network 		getbootstrap bootstrap In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. CWE-79
Cross-site Scripting 		CVE-2016-10735 2024-11-21 11:44 2019-01-9 Show GitHub Exploit DB Packet Storm
267278 9.8 CRITICAL
Network 		qualcomm mdm9206_firmware
mdm9607_firmware
mdm9650_firmware
sd_210_firmware
sd_212_firmware
sd_205_firmware
sd_835_firmware
sda660_firmware 		While generating trusted application id, An integer overflow can occur giving the trusted application an invalid identity in Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM965… CWE-190
 Integer Overflow or Wraparound 		CVE-2016-10502 2024-11-21 11:44 2018-12-10 Show GitHub Exploit DB Packet Storm
267279 9.8 CRITICAL
Network 		projectsend projectsend ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php. CWE-285
Improper Authorization 		CVE-2016-10734 2024-11-21 11:44 2018-10-29 Show GitHub Exploit DB Packet Storm
267280 9.8 CRITICAL
Network 		projectsend projectsend ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip-download.php query string. CWE-22
Path Traversal 		CVE-2016-10733 2024-11-21 11:44 2018-10-29 Show GitHub Exploit DB Packet Storm