Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240871	9.3	危険	コンソナ	-	Consona Live Assistance の SdcWebSecureBase インターフェースの pluginlicense.ini のデフォルト設定における ActiveX 実行に対する制限を回避される脆弱性	CWE-16 環境設定	CVE-2010-1913	2012-06-26 16:19	2010-05-12	Show	GitHub Exploit DB Packet Storm

240872	9.3	危険	コンソナ	-	Consona Live Assistance の SdcWebSecureBase インターフェースにおける ActiveX 実行上で制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1912	2012-06-26 16:19	2010-05-12	Show	GitHub Exploit DB Packet Storm

240873	9.3	危険	コンソナ	-	Consona Live Assistance の SdcWebSecureBase インターフェースの site-locking 実装における任意のコードを実行される脆弱性	CWE-310 暗号の問題	CVE-2010-1911	2012-06-26 16:19	2010-04-16	Show	GitHub Exploit DB Packet Storm

240874	5.1	警告	コンソナ	-	Consona Live Assistance の Forgot Password 実装における空白の Hint 質問および空白の Hint 答えを持つアカウントのパスワードをリセットされる脆弱性	CWE-287 不適切な認証	CVE-2010-1910	2012-06-26 16:19	2010-04-16	Show	GitHub Exploit DB Packet Storm

240875	7.6	危険	コンソナ	-	Consona Live Assistance の tgctlcm.dll の SdcUser.TgConCtl ActiveX コントロールの RunCmd メソッドにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1909	2012-06-26 16:19	2010-05-12	Show	GitHub Exploit DB Packet Storm

240876	9.3	危険	コンソナ	-	Consona Live Assistance の tgctlcm.dll の SdcUser.TgConCtl ActiveX コントロールにおける任意のプログラムを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1908	2012-06-26 16:19	2010-05-12	Show	GitHub Exploit DB Packet Storm

240877	4.3	警告	コンソナ	-	Consona Live Assistance の SdcUser.TgConCtl ActiveX コントロールにおける特定のユーザディレクトリへのパス名を特定される脆弱性	CWE-200 情報漏えい	CVE-2010-1907	2012-06-26 16:19	2010-05-12	Show	GitHub Exploit DB Packet Storm

240878	7.2	危険	コンソナ	-	Consona Dynamic Agent などの tgsrv.exe における任意のコードを実行される脆弱性	CWE-310 暗号の問題	CVE-2010-1906	2012-06-26 16:19	2010-04-16	Show	GitHub Exploit DB Packet Storm

240879	4.3	警告	コンソナ	-	Consona Live Assistance および他の製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1905	2012-06-26 16:19	2010-04-16	Show	GitHub Exploit DB Packet Storm

240880	6.8	警告	DELL EMC (旧 EMC Corporation)	-	EMC RKM C Client における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1904	2012-06-26 16:19	2010-06-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267281	9.8	CRITICAL Network	projectsend	projectsend	ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to user…	CWE-287 Improper Authentication	CVE-2016-10732	2024-11-21 11:44	2018-10-29	Show	GitHub Exploit DB Packet Storm

267282	9.8	CRITICAL Network	projectsend	projectsend	ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter…	CWE-89 SQL Injection	CVE-2016-10731	2024-11-21 11:44	2018-10-29	Show	GitHub Exploit DB Packet Storm

267283	7.8	HIGH Local	zmanda redhat	amanda enterprise_linux	An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users direct…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-10730	2024-11-21 11:44	2018-10-25	Show	GitHub Exploit DB Packet Storm

267284	7.8	HIGH Local	zmanda redhat debian	amanda enterprise_linux debian_linux	An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied…	CWE-77 Command Injection	CVE-2016-10729	2024-11-21 11:44	2018-10-25	Show	GitHub Exploit DB Packet Storm

267285	5.3	MEDIUM Network	suricata-ids	suricata	An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it confuses the rule grouping lookup logic. The tocli…	CWE-20 Improper Input Validation	CVE-2016-10728	2024-11-21 11:44	2018-07-24	Show	GitHub Exploit DB Packet Storm

267286	9.8	CRITICAL Network	canonical gnome	ubuntu_linux evolution	camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS …	CWE-200 Information Exposure	CVE-2016-10727	2024-11-21 11:44	2018-07-20	Show	GitHub Exploit DB Packet Storm

267287	7.5	HIGH Network	duraspace	dspace	The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a path…	CWE-22 Path Traversal	CVE-2016-10726	2024-11-21 11:44	2018-07-10	Show	GitHub Exploit DB Packet Storm

267288	7.5	HIGH Network	bitcoin	bitcoin_core bitcoin-qt bitcoind	In Bitcoin Core before v0.13.0, a non-final alert is able to block the special "final alert" (which is supposed to override all other alerts) because operations occur in the wrong order. This behavio…	CWE-310 Cryptographic Issues	CVE-2016-10725	2024-11-21 11:44	2018-07-6	Show	GitHub Exploit DB Packet Storm

267289	7.5	HIGH Network	bitcoin	bitcoin_core bitcoin-qt bitcoind	Bitcoin Core before v0.13.0 allows denial of service (memory exhaustion) triggered by the remote network alert system (deprecated since Q1 2016) if an attacker can sign a message with a certain priva…	CWE-400 Uncontrolled Resource Consumption	CVE-2016-10724	2024-11-21 11:44	2018-07-6	Show	GitHub Exploit DB Packet Storm

267290	8.8	HIGH Network	rails_admin_project	rails_admin	rails_admin ruby gem <v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an attacker could hypothetically gain access…	CWE-352 Origin Validation Error	CVE-2016-10522	2024-11-21 11:44	2018-07-6	Show	GitHub Exploit DB Packet Storm