Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250861 7.5 危険 Symphony CMS - Symphony CMS の lib/toolkit/events/event.section.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3458 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
250862 4.3 警告 Symphony CMS - Symphony CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3457 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
250863 5 警告 energyscripts - ES Simple Download の download.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-3456 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
250864 4.3 警告 ATutor - AChecker の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3455 2012-03-27 18:42 2010-09-17 Show GitHub Exploit DB Packet Storm
250865 6.8 警告 FFmpeg
mplayerhq		 - MPlayer などの製品で使用される FFmpeg の flicvideo.c における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3429 2012-03-27 18:42 2010-09-30 Show GitHub Exploit DB Packet Storm
250866 7.5 危険 Intermesh - Intermesh Group-Office の modules/notes/json.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-3428 2012-03-27 18:42 2010-09-16 Show GitHub Exploit DB Packet Storm
250867 4.3 警告 Open Classifieds - Open Classifieds におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3427 2012-03-27 18:42 2010-09-16 Show GitHub Exploit DB Packet Storm
250868 7.5 危険 4you-studio - Joomla! 用の Alpha の JPhone (com_jphone) コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-3426 2012-03-27 18:42 2010-09-16 Show GitHub Exploit DB Packet Storm
250869 4.3 警告 SmarterTools Inc. - SmarterStats の UserControls/Popups/frmHelp.aspx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3425 2012-03-27 18:42 2010-09-16 Show GitHub Exploit DB Packet Storm
250870 4.3 警告 Invision Power Services, Inc - IP.Board の admin/sources/classes/bbcode/custom/defaults.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3424 2012-03-27 18:42 2010-09-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268701 8.4 HIGH
Local 		symantec mail_security_for_microsoft_exchange
norton_power_eraser
protection_engine
endpoint_protection
message_gateway
norton_360
norton_antivirus
norton_internet_security
norton_secu… 		The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SE… CWE-20
 Improper Input Validation  		CVE-2016-2207 2024-11-21 11:48 2016-07-1 Show GitHub Exploit DB Packet Storm
268702 7.5 HIGH
Network 		fonality hud_web
fonality 		The Chrome HUDweb plugin before 2016-05-05 for Fonality (previously trixbox Pro) 12.6 through 14.1i uses the same hardcoded private key across different customers' installations, which allows remote … CWE-310
NVD-CWE-Other
Cryptographic Issues 		CVE-2016-2364 2024-11-21 11:48 2016-06-20 Show GitHub Exploit DB Packet Storm
268703 7.8 HIGH
Local 		fonality fonality Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 uses weak permissions for the /var/www/rpc/surun script, which allows local users to obtain root access for unspecified command … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-2363 2024-11-21 11:48 2016-06-20 Show GitHub Exploit DB Packet Storm
268704 9.8 CRITICAL
Network 		fonality fonality Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 has a hardcoded password for the FTP account, which allows remote attackers to obtain access via a (1) FTP or (2) SSH connection. NVD-CWE-Other
CVE-2016-2362 2024-11-21 11:48 2016-06-20 Show GitHub Exploit DB Packet Storm
268705 6.0 MEDIUM
Local 		qemu
canonical 		qemu
ubuntu_linux 		The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU proces… CWE-20
 Improper Input Validation  		CVE-2016-2841 2024-11-21 11:48 2016-06-17 Show GitHub Exploit DB Packet Storm
268706 7.1 HIGH
Local 		qemu qemu Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain s… CWE-189
Numeric Errors 		CVE-2016-2538 2024-11-21 11:48 2016-06-17 Show GitHub Exploit DB Packet Storm
268707 6.5 MEDIUM
Local 		qemu
canonical 		qemu
ubuntu_linux 		The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administr… NVD-CWE-Other
CVE-2016-2392 2024-11-21 11:48 2016-06-17 Show GitHub Exploit DB Packet Storm
268708 5.0 MEDIUM
Local 		qemu
canonical
debian 		qemu
ubuntu_linux
debian_linux 		The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process … CWE-476
 NULL Pointer Dereference 		CVE-2016-2391 2024-11-21 11:48 2016-06-17 Show GitHub Exploit DB Packet Storm
268709 8.8 HIGH
Network 		canonical
opensuse
mozilla
novell 		ubuntu_linux
leap
opensuse
network_security_services
firefox
suse_linux_enterprise_server
suse_linux_enterprise_desktop
suse_linux_enterprise_software_development_kit 		Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly… NVD-CWE-noinfo
CVE-2016-2834 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm
268710 6.1 MEDIUM
Network 		opensuse
mozilla
canonical 		leap
opensuse
firefox
ubuntu_linux 		Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks vi… CWE-79
CWE-254
Cross-site Scripting
 7PK - Security Features 		CVE-2016-2833 2024-11-21 11:48 2016-06-13 Show GitHub Exploit DB Packet Storm