Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241101 9.3 危険 e-soft.co - E-Soft DJ Studio Pro におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4656 2012-06-26 16:19 2010-03-3 Show GitHub Exploit DB Packet Storm
241102 4.3 警告 geccbblite - geccBBlite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4649 2012-06-26 16:19 2010-02-22 Show GitHub Exploit DB Packet Storm
241103 7.2 危険 Accellion - Accellion Secure File Transfer Appliance における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4648 2012-06-26 16:19 2010-02-19 Show GitHub Exploit DB Packet Storm
241104 4.3 警告 Accellion - Accellion Secure File Transfer Appliance におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4647 2012-06-26 16:19 2010-02-19 Show GitHub Exploit DB Packet Storm
241105 9 危険 Accellion - Accellion Secure File Transfer Appliance の管理用の Web インターフェースにおける任意のシェルコマンドを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4646 2012-06-26 16:19 2010-02-19 Show GitHub Exploit DB Packet Storm
241106 7.8 危険 Accellion - Accellion Secure File Transfer Appliance の web_client_user_guide.html におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4645 2012-06-26 16:19 2010-02-19 Show GitHub Exploit DB Packet Storm
241107 9 危険 Accellion - Accellion Secure File Transfer Appliance における任意コマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2009-4644 2012-06-26 16:19 2010-02-19 Show GitHub Exploit DB Packet Storm
241108 7.2 危険 GNOME Project - gnome-screensaver における画面がロックされている無人のワークステーションにアクセスされる脆弱性 CWE-Other
その他 		CVE-2009-4642 2012-06-26 16:19 2010-02-11 Show GitHub Exploit DB Packet Storm
241109 7.2 危険 GNOME Project - gnome-screensaver における画面がロックされている無人のワークステーションにアクセスされる脆弱性 CWE-Other
その他 		CVE-2009-4641 2012-06-26 16:19 2010-02-11 Show GitHub Exploit DB Packet Storm
241110 4.3 警告 FFmpeg - FFmpeg の vorbis_dec.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2009-4640 2012-06-26 16:19 2010-02-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267191 9.8 CRITICAL
Network 		phpmailer_project
wordpress
joomla 		phpmailer
wordpress
joomla\! 		The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction be… CWE-77
Command Injection 		CVE-2016-10045 2024-11-21 11:43 2016-12-31 Show GitHub Exploit DB Packet Storm
267192 9.8 CRITICAL
Network 		zend zend_framework
zend-mail 		The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extr… CWE-77
Command Injection 		CVE-2016-10034 2024-11-21 11:43 2016-12-31 Show GitHub Exploit DB Packet Storm
267193 7.0 HIGH
Local 		linux linux_kernel The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitra… CWE-416
 Use After Free 		CVE-2016-10088 2024-11-21 11:43 2016-12-31 Show GitHub Exploit DB Packet Storm
267194 7.2 HIGH
Network 		piwigo piwigo admin/languages.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the tab parameter. CWE-284
Improper Access Control 		CVE-2016-10085 2024-11-21 11:43 2016-12-30 Show GitHub Exploit DB Packet Storm
267195 7.2 HIGH
Network 		piwigo piwigo admin/batch_manager.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the $page['tab'] variable (aka the mode parameter). CWE-284
Improper Access Control 		CVE-2016-10084 2024-11-21 11:43 2016-12-30 Show GitHub Exploit DB Packet Storm
267196 6.1 MEDIUM
Network 		piwigo piwigo Cross-site scripting (XSS) vulnerability in admin/plugin.php in Piwigo through 2.8.3 allows remote attackers to inject arbitrary web script or HTML via a crafted filename that is mishandled in a cert… CWE-79
Cross-site Scripting 		CVE-2016-10083 2024-11-21 11:43 2016-12-30 Show GitHub Exploit DB Packet Storm
267197 9.8 CRITICAL
Network 		s9y serendipity include/functions_installer.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion and a possible Code Execution attack during a first-time installation because it fails to sanitize the… CWE-284
Improper Access Control 		CVE-2016-10082 2024-11-21 11:43 2016-12-30 Show GitHub Exploit DB Packet Storm
267198 7.8 HIGH
Local 		shutter-project shutter /usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action. CWE-19
 Data Processing Errors 		CVE-2016-10081 2024-11-21 11:43 2016-12-30 Show GitHub Exploit DB Packet Storm
267199 7.5 HIGH
Local 		wampserver wampserver WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary co… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-10072 2024-11-21 11:43 2016-12-27 Show GitHub Exploit DB Packet Storm
267200 7.5 HIGH
Local 		wampserver wampserver WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged l… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-10031 2024-11-21 11:43 2016-12-27 Show GitHub Exploit DB Packet Storm