Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 2:06 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
243271 7.5 危険 eZ - eZ Publish における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2672 2012-06-26 16:19 2010-07-8 Show GitHub Exploit DB Packet Storm
243272 4.3 警告 eZ - eZ Publish の advancedsearch.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2671 2012-06-26 16:19 2010-07-8 Show GitHub Exploit DB Packet Storm
243273 7.5 危険 BrotherScripts - BrotherScripts Recipe Website の recipedetail.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2670 2012-06-26 16:19 2010-07-8 Show GitHub Exploit DB Packet Storm
243274 6.4 警告 adaptivedisplays - Adaptive Micro Systems ALPHA Ethernet Adapter II Web-Manager における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2010-2668 2012-06-26 16:19 2010-07-8 Show GitHub Exploit DB Packet Storm
243275 7.8 危険 DELL EMC (旧 EMC Corporation) - EDL におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-2633 2012-06-26 16:19 2010-08-2 Show GitHub Exploit DB Packet Storm
243276 7.5 危険 シスコシステムズ - Cisco CSS 11500 および ACE 4710 における意図したヘッダ挿入を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2629 2012-06-26 16:19 2010-07-6 Show GitHub Exploit DB Packet Storm
243277 6.8 警告 ea - Battlefield の Refractor エンジンにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-2627 2012-06-26 16:19 2010-07-2 Show GitHub Exploit DB Packet Storm
243278 4.3 警告 grafik-power - Grafik CMS の admin/admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2615 2012-06-26 16:19 2010-07-2 Show GitHub Exploit DB Packet Storm
243279 7.5 危険 grafik-power - Grafik CMS の admin/admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2614 2012-06-26 16:19 2010-07-2 Show GitHub Exploit DB Packet Storm
243280 7.5 危険 2daybiz - 2daybiz Job Site Script における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2610 2012-06-26 16:19 2010-07-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267911 4.7 MEDIUM
Local 		google android In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver. CWE-200
Information Exposure 		CVE-2016-5347 2024-11-21 11:54 2017-08-17 Show GitHub Exploit DB Packet Storm
267912 8.8 HIGH
Network 		puppet puppet_enterprise The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node. CWE-134
Use of Externally-Controlled Format String 		CVE-2016-5716 2024-11-21 11:54 2017-08-9 Show GitHub Exploit DB Packet Storm
267913 6.1 MEDIUM
Network 		apache sling In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to … CWE-79
Cross-site Scripting 		CVE-2016-5394 2024-11-21 11:54 2017-07-20 Show GitHub Exploit DB Packet Storm
267914 7.5 HIGH
Network 		freeipa freeipa FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name for services. CWE-284
Improper Access Control 		CVE-2016-5414 2024-11-21 11:54 2017-06-28 Show GitHub Exploit DB Packet Storm
267915 7.5 HIGH
Network 		libreswan
fedoraproject 		libreswan
fedora 		libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart). CWE-476
 NULL Pointer Dereference 		CVE-2016-5391 2024-11-21 11:54 2017-06-14 Show GitHub Exploit DB Packet Storm
267916 9.8 CRITICAL
Network 		redhat quickstart_cloud_installer /var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer (QCI) before 1.0 GA is created world readable and contains the root password of the deployed system. CWE-255
Credentials Management 		CVE-2016-5411 2024-11-21 11:54 2017-06-14 Show GitHub Exploit DB Packet Storm
267917 5.3 MEDIUM
Network 		acer acer_portal Acer Portal app before 3.9.4.2000 for Android does not properly validate SSL certificates, which allows remote attackers to perform a Man-in-the-middle attack via a crafted SSL certificate. CWE-295
Improper Certificate Validation  		CVE-2016-5648 2024-11-21 11:54 2017-06-9 Show GitHub Exploit DB Packet Storm
267918 7.5 HIGH
Network 		redhat enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node 		389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstat… CWE-200
Information Exposure 		CVE-2016-5416 2024-11-21 11:54 2017-06-9 Show GitHub Exploit DB Packet Storm
267919 9.8 CRITICAL
Network 		redhat enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node 		389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstat… CWE-199
 Information Management Errors 		CVE-2016-5405 2024-11-21 11:54 2017-06-9 Show GitHub Exploit DB Packet Storm
267920 7.8 HIGH
Local 		pngquant pngquant Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow. CWE-190
 Integer Overflow or Wraparound 		CVE-2016-5735 2024-11-21 11:54 2017-05-23 Show GitHub Exploit DB Packet Storm