Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241481 7.5 危険 comscripts - Web Server Creator - Web Portal における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1114 2012-06-26 16:19 2010-03-25 Show GitHub Exploit DB Packet Storm
241482 4.3 警告 comscripts - Web Server Creator - Web Portal の forum ページにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1113 2012-06-26 16:19 2010-03-25 Show GitHub Exploit DB Packet Storm
241483 4.3 警告 easysitenetwork - Jokes Complete Website におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1111 2012-06-26 16:19 2010-03-25 Show GitHub Exploit DB Packet Storm
241484 5 警告 djayp - phpMySport の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1110 2012-06-26 16:19 2010-03-25 Show GitHub Exploit DB Packet Storm
241485 6.8 警告 djayp - phpMySport の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1109 2012-06-26 16:19 2010-03-25 Show GitHub Exploit DB Packet Storm
241486 3.5 注意 Drupal
Four Kitchens		 - Drupal の Recent Comments モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1107 2012-06-26 16:19 2010-01-20 Show GitHub Exploit DB Packet Storm
241487 7.5 危険 advertisementmanager - AdvertisementManager の cgi/index.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1106 2012-06-26 16:19 2010-03-25 Show GitHub Exploit DB Packet Storm
241488 4.3 警告 advertisementmanager - AdvertisementManager の cgi/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1105 2012-06-26 16:19 2010-03-25 Show GitHub Exploit DB Packet Storm
241489 5 警告 arora - Arora における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-1100 2012-06-26 16:19 2010-03-24 Show GitHub Exploit DB Packet Storm
241490 5 警告 アップル - Apple Safari における整数オーバーフローの脆弱性 CWE-189
CWE-264
CVE-2010-1099 2012-06-26 16:19 2010-03-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266561 7.5 HIGH
Network 		bmc remedy_action_request_system Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 allows attackers to reset arbitrary passwords via a blank previous password. CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2016-2349 2024-11-21 11:48 2016-12-22 Show GitHub Exploit DB Packet Storm
266562 9.8 CRITICAL
Network 		dotcms dotcms SQL injection vulnerability in the REST API in dotCMS before 3.3.2 allows remote attackers to execute arbitrary SQL commands via the stName parameter to api/content/save/1. CWE-89
SQL Injection 		CVE-2016-2355 2024-11-21 11:48 2016-12-20 Show GitHub Exploit DB Packet Storm
266563 6.1 MEDIUM
Network 		open-xchange open-xchange_appsuite An issue was discovered in Open-Xchange Server 6 / OX AppSuite before 7.8.0-rev26. The "session" parameter for file-download requests can be used to inject script code that gets reflected through the… CWE-79
Cross-site Scripting 		CVE-2016-2840 2024-11-21 11:48 2016-12-15 Show GitHub Exploit DB Packet Storm
266564 7.8 HIGH
Local 		7-zip
fedoraproject
oracle 		7-zip
fedora
solaris 		Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-2334 2024-11-21 11:48 2016-12-14 Show GitHub Exploit DB Packet Storm
266565 8.0 HIGH
Network 		ibm qradar_security_information_and_event_manager Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote attackers to hijack the authentication of arbitrary users for r… CWE-352
 Origin Validation Error 		CVE-2016-2878 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm
266566 3.3 LOW
Local 		ibm qradar_security_information_and_event_manager IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which allows local users to modify data by writing to a file. CWE-275
 Permission Issues 		CVE-2016-2877 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm
266567 7.5 HIGH
Network 		ibm qradar_security_information_and_event_manager IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access… CWE-264
CWE-78
Permissions, Privileges, and Access Controls
OS Command  		CVE-2016-2876 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm
266568 3.1 LOW
Network 		ibm qradar_security_information_and_event_manager IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which allows remote authenticated users to obtain sensitive information via unspecified vectors. CWE-284
Improper Access Control 		CVE-2016-2874 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm
266569 8.8 HIGH
Network 		ibm qradar_security_information_and_event_manager SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2016-2873 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm
266570 7.8 HIGH
Local 		ibm qradar_security_information_and_event_manager IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information by reading a configuration file. CWE-255
Credentials Management 		CVE-2016-2871 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm