Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242531	7.5	危険	danny ho	-	OES における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-2132	2012-06-26 16:19	2010-06-2	Show	GitHub Exploit DB Packet Storm

242532	4.3	警告	arisglobal	-	Aris Global ARISg の wflogin.jsp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2130	2012-06-26 16:19	2010-06-2	Show	GitHub Exploit DB Packet Storm

242533	7.5	危険	bartels-schoene	-	Bartels Schone ConPresso の firma.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2124	2012-06-26 16:19	2010-06-1	Show	GitHub Exploit DB Packet Storm

242534	2.6	注意	brekeke	-	Brekeke PBX の pbx/gate におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-2114	2012-06-26 16:19	2010-05-28	Show	GitHub Exploit DB Packet Storm

242535	4.3	警告	Apache Software Foundation	-	SAP Business Objects などで使用される Apache Axis2/Java の axis2-admin/axis2-admin/engagingglobally におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2103	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

242536	7.5	危険	e107.org	-	e107 の bbcode/php.bb における PHP リモートファイルインクルージョンの脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-2099	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

242537	7.5	危険	e107.org	-	e107 の usersettings.php におけるSQL インジェクション攻撃を誘発される脆弱性	CWE-Other その他	CVE-2010-2098	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

242538	7.5	危険	cmsqlite	-	CMSQlite の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-2096	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

242539	7.5	危険	cmsqlite	-	CMSQlite の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2095	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

242540	7.5	危険	The Cacti Group	-	Cacti の graph.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-2092	2012-06-26 16:19	2010-05-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
268981	9.8	CRITICAL Network	cisco	ucs_invicta_c3124sa_appliance	Cisco UCS Invicta C3124SA Appliance 4.3.1 through 5.0.1, UCS Invicta Scaling System and Appliance, and Whiptail Racerunner improperly store a default SSH private key, which allows remote attackers to…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-1313	2024-11-21 11:46	2016-04-7	Show	GitHub Exploit DB Packet Storm

268982	9.8	CRITICAL Network	cisco sun	prime_infrastructure opensolaris evolved_programmable_network_manager	Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POS…	CWE-20 Improper Input Validation	CVE-2016-1291	2024-11-21 11:46	2016-04-7	Show	GitHub Exploit DB Packet Storm

268983	8.1	HIGH Network	cisco sun	prime_infrastructure opensolaris evolved_programmable_network_manager	The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to bypass intended RBAC restrictions and gai…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-1290	2024-11-21 11:46	2016-04-7	Show	GitHub Exploit DB Packet Storm

268984	7.5	HIGH Network	cisco	firesight_system_software asa_with_firepower_services	Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka B…	CWE-20 Improper Input Validation	CVE-2016-1345	2024-11-21 11:46	2016-04-1	Show	GitHub Exploit DB Packet Storm

268985	8.8	HIGH Network	opensuse debian google	opensuse debian_linux chrome	The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of servi…	NVD-CWE-noinfo	CVE-2016-1650	2024-11-21 11:46	2016-03-29	Show	GitHub Exploit DB Packet Storm

268986	8.8	HIGH Network	debian canonical opensuse google	debian_linux ubuntu_linux opensuse chrome	The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attacker…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1649	2024-11-21 11:46	2016-03-29	Show	GitHub Exploit DB Packet Storm

268987	8.8	HIGH Network	google opensuse debian	chrome opensuse debian_linux	Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to…	NVD-CWE-Other	CVE-2016-1648	2024-11-21 11:46	2016-03-29	Show	GitHub Exploit DB Packet Storm

268988	8.8	HIGH Network	google canonical debian opensuse	chrome ubuntu_linux debian_linux opensuse	Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.26…	NVD-CWE-Other	CVE-2016-1647	2024-11-21 11:46	2016-03-29	Show	GitHub Exploit DB Packet Storm

268989	6.1	MEDIUM Network	sun	opensolaris	Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (CDM) 8.1(1) allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bu…	CWE-79 Cross-site Scripting	CVE-2016-1314	2024-11-21 11:46	2016-03-29	Show	GitHub Exploit DB Packet Storm

268990	7.5	HIGH Network	cisco	nx-os ios	The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header…	CWE-20 CWE-399 Improper Input Validation Resource Management Errors	CVE-2016-1351	2024-11-21 11:46	2016-03-26	Show	GitHub Exploit DB Packet Storm