Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
243201	5.8	警告	Debian	-	dpkg の dpkg-source コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0396	2012-06-26 16:19	2010-03-10	Show	GitHub Exploit DB Packet Storm

243202	7.5	危険	エンバカデロ・テクノロジーズ	-	Embarcadero Technologies InterBase SMP 2009 におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0391	2012-06-26 16:19	2010-01-26	Show	GitHub Exploit DB Packet Storm

243203	9.3	危険	マイクロソフトアドビシステムズ	-	Microsoft Windows XP に同梱されている Adobe Flash Player の Macromedia Flash ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-0379	2012-06-26 16:19	2010-01-12	Show	GitHub Exploit DB Packet Storm

243204	4.3	警告	codingfish Joomla!	-	Joomla! の marketplace コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0374	2012-06-26 16:19	2010-01-21	Show	GitHub Exploit DB Packet Storm

243205	7.5	危険	bitscripts	-	BitScripts Bits Video Script における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-0367	2012-06-26 16:19	2010-01-21	Show	GitHub Exploit DB Packet Storm

243206	6.8	警告	bitscripts	-	BitScripts Bits Video Script の register.php における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0366	2012-06-26 16:19	2010-01-21	Show	GitHub Exploit DB Packet Storm

243207	4.3	警告	bitscripts	-	BitScripts Bits Video Script の search.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0365	2012-06-26 16:19	2010-01-21	Show	GitHub Exploit DB Packet Storm

243208	7.5	危険	TYPO3 Association arco van geest	-	TYPO3 の Photo Book 拡張におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0350	2012-06-26 16:19	2010-01-15	Show	GitHub Exploit DB Packet Storm

243209	7.5	危険	Alex Kellner TYPO3 Association	-	TYPO3 の powermail extension における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0329	2012-06-26 16:19	2010-01-15	Show	GitHub Exploit DB Packet Storm

243210	4.3	警告	francois suter TYPO3 Association	-	TYPO3 の evlog 拡張におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0326	2012-06-26 16:19	2010-01-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
267951	6.1	MEDIUM Network	cybozu	garoon	Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai.	CWE-79 Cross-site Scripting	CVE-2016-4906	2024-11-21 11:53	2017-06-10	Show	GitHub Exploit DB Packet Storm

267952	7.8	HIGH Local	jpki	the_public_certification_service_for_individuals the_public_certification_service_for_individuals_for_windows_vista the_public_certification_service_for_individuals_for_windows_7	Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.0.1 and earlier, The Public Certification Service for…	CWE-426 Untrusted Search Path	CVE-2016-4902	2024-11-21 11:53	2017-06-10	Show	GitHub Exploit DB Packet Storm

267953	7.5	HIGH Network	redhat	enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_hpc_node	389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstat…	CWE-200 Information Exposure	CVE-2016-4992	2024-11-21 11:53	2017-06-9	Show	GitHub Exploit DB Packet Storm

267954	7.8	HIGH Local	gnu	libssp	Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Si…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-4973	2024-11-21 11:53	2017-06-8	Show	GitHub Exploit DB Packet Storm

267955	6.5	MEDIUM Network	apache	ws-xmlrpc	The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file contain…	CWE-400 Uncontrolled Resource Consumption	CVE-2016-5004	2024-11-21 11:53	2017-06-7	Show	GitHub Exploit DB Packet Storm

267956	8.8	HIGH Network	pivotal	spring_security_oauth	When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabl…	CWE-19 Data Processing Errors	CVE-2016-4977	2024-11-21 11:53	2017-05-26	Show	GitHub Exploit DB Packet Storm

267957	7.5	HIGH Network	pivotal_software vmware	spring_framework spring_security	Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Diffe…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-5007	2024-11-21 11:53	2017-05-26	Show	GitHub Exploit DB Packet Storm

267958	9.8	CRITICAL Network	google opensuse debian redhat fedoraproject	chrome leap opensuse debian_linux enterprise_linux_server_supplementary enterprise_linux_workstation_supplementary fedora	Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.	CWE-20 Improper Input Validation	CVE-2016-5178	2024-11-21 11:53	2017-05-23	Show	GitHub Exploit DB Packet Storm

267959	8.8	HIGH Network	google opensuse debian redhat fedoraproject	chrome leap opensuse debian_linux enterprise_linux_server_supplementary enterprise_linux_workstation_supplementary fedora	Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.	CWE-416 Use After Free	CVE-2016-5177	2024-11-21 11:53	2017-05-23	Show	GitHub Exploit DB Packet Storm

267960	9.8	CRITICAL Network	wp-olivecart	olivecart olivecartpro	SQL injection vulnerability in the WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows attackers with administrator rights to execute arbitrary SQL commands via un…	CWE-89 SQL Injection	CVE-2016-4905	2024-11-21 11:53	2017-05-23	Show	GitHub Exploit DB Packet Storm