Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
241291	6.2	警告	Comodo	-	Windows XP 上で稼働する Comodo Internet Security におけるカーネルモードのフックハンドラを回避される脆弱性	CWE-362 競合状態	CVE-2010-5157	2012-09-5 11:39	2010-06-2	Show	GitHub Exploit DB Packet Storm

241292	4.3	警告	Fusion Drupal Themes	-	Drupal 用 Fusion モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2083	2012-09-5 11:37	2012-03-28	Show	GitHub Exploit DB Packet Storm

241293	5.8	警告	EGroupware	-	EGroupware Enterprise Line および EGroupware Community Edition におけるオープンリダイレクトの脆弱性	CWE-Other その他	CVE-2011-4951	2012-09-5 11:37	2011-08-4	Show	GitHub Exploit DB Packet Storm

241294	4.3	警告	EGroupware	-	EGroupware Enterprise Line および EGroupware Community Edition におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4950	2012-09-5 11:35	2011-08-4	Show	GitHub Exploit DB Packet Storm

241295	7.5	危険	EGroupware	-	EGroupware Enterprise Line および EGroupware Community Edition における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4949	2012-09-5 11:34	2011-08-4	Show	GitHub Exploit DB Packet Storm

241296	5	警告	EGroupware	-	EGroupware Enterprise Line および EGroupware Community Edition におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-4948	2012-09-5 11:34	2011-08-4	Show	GitHub Exploit DB Packet Storm

241297	6.8	警告	e107.org	-	e107 の e107_admin/users_extended.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-4947	2012-09-5 11:33	2011-05-28	Show	GitHub Exploit DB Packet Storm

241298	6.8	警告	e107.org	-	e107 の e107_admin/users_extended.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4946	2012-09-5 11:26	2011-05-28	Show	GitHub Exploit DB Packet Storm

241299	4.3	警告	SpamTitan Technologies	-	SpamTitan におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5150	2012-09-5 11:25	2012-08-31	Show	GitHub Exploit DB Packet Storm

241300	4.3	警告	SpamTitan Technologies	-	SpamTitan におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5149	2012-09-5 11:25	2012-08-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266281	6.5	MEDIUM Network	freeipa oracle fedoraproject	freeipa linux fedora	The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certifi…	CWE-284 Improper Access Control	CVE-2016-5404	2024-11-21 11:54	2016-09-8	Show	GitHub Exploit DB Packet Storm

266282	8.8	HIGH Network	redhat	jboss_operations_network	The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admi…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-5422	2024-11-21 11:54	2016-09-8	Show	GitHub Exploit DB Packet Storm

266283	5.3	MEDIUM Network	jose-php_project	jose-php	The RSA 1.5 algorithm implementation in the JOSE_JWE class in JWE.php in jose-php before 2.2.1 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain clea…	CWE-310 CWE-200 Cryptographic Issues Information Exposure	CVE-2016-5430	2024-11-21 11:54	2016-09-4	Show	GitHub Exploit DB Packet Storm

266284	3.7	LOW Network	jose-php_project	jose-php	jose-php before 2.2.1 does not use constant-time operations for HMAC comparison, which makes it easier for remote attackers to obtain sensitive information via a timing attack, related to JWE.php and…	CWE-200 Information Exposure	CVE-2016-5429	2024-11-21 11:54	2016-09-4	Show	GitHub Exploit DB Packet Storm

266285	6.1	MEDIUM Network	python	python	CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP…	CWE-113 HTTP Response Splitting	CVE-2016-5699	2024-11-21 11:54	2016-09-2	Show	GitHub Exploit DB Packet Storm

266286	9.8	CRITICAL Network	python	python	Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negat…	CWE-190 Integer Overflow or Wraparound	CVE-2016-5636	2024-11-21 11:54	2016-09-2	Show	GitHub Exploit DB Packet Storm

266287	8.8	HIGH Network	nuuo netgear	nvrmini_2 readynas_surveillance	Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn pa…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-5680	2024-11-21 11:54	2016-09-1	Show	GitHub Exploit DB Packet Storm

266288	8.8	HIGH Network	nuuo netgear	nvrmini_2 readynas_surveillance	cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn param…	CWE-78 OS Command	CVE-2016-5679	2024-11-21 11:54	2016-09-1	Show	GitHub Exploit DB Packet Storm

266289	9.8	CRITICAL Network	nuuo	nvrmini_2 nvrsolo	NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors.	CWE-798 Use of Hard-coded Credentials	CVE-2016-5678	2024-11-21 11:54	2016-09-1	Show	GitHub Exploit DB Packet Storm

266290	7.5	HIGH Network	netgear nuuo	readynas_surveillance nvrmini_2 nvrsolo	NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows…	CWE-200 Information Exposure	CVE-2016-5677	2024-11-21 11:54	2016-09-1	Show	GitHub Exploit DB Packet Storm