Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251011 6.9 警告 gnucash - GnuCash の gnc-test-env における権限を取得される脆弱性 CWE-DesignError
CVE-2010-3999 2012-03-27 18:42 2010-11-5 Show GitHub Exploit DB Packet Storm
251012 6.9 警告 banshee-project - Banshee の banshee-1 スクリプトにおける権限を取得される脆弱性 CWE-DesignError
CVE-2010-3998 2012-03-27 18:42 2010-11-5 Show GitHub Exploit DB Packet Storm
251013 6.9 警告 cstr - CSTR Festival の festival_server における権限を取得される脆弱性 CWE-DesignError
CVE-2010-3996 2012-03-27 18:42 2010-11-5 Show GitHub Exploit DB Packet Storm
251014 4.3 警告 ヒューレット・パッカード - HP VCRM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3994 2012-03-27 18:42 2010-10-25 Show GitHub Exploit DB Packet Storm
251015 6.4 警告 ヒューレット・パッカード - HP Insight Control Server Migration における重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3993 2012-03-27 18:42 2010-10-25 Show GitHub Exploit DB Packet Storm
251016 9 危険 ヒューレット・パッカード - HP Insight Control Server Migration における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3992 2012-03-27 18:42 2010-10-25 Show GitHub Exploit DB Packet Storm
251017 10 危険 Novell - SUSE Linux Enterprise の supportconfig スクリプトにおける脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-3912 2012-03-27 18:42 2011-01-12 Show GitHub Exploit DB Packet Storm
251018 4.3 警告 ヒューレット・パッカード - HP Insight Control Server Migration におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3991 2012-03-27 18:42 2010-10-25 Show GitHub Exploit DB Packet Storm
251019 5 警告 ヒューレット・パッカード - HP Virtual Server Environment における任意のファイルを読まれる脆弱性 CWE-noinfo
情報不足 		CVE-2010-3990 2012-03-27 18:42 2010-10-25 Show GitHub Exploit DB Packet Storm
251020 6.8 警告 ヒューレット・パッカード - HP Insight Control Virtual Machine Management におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3989 2012-03-27 18:42 2010-10-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266631 5.5 MEDIUM
Local 		lepton_project lepton The build_huffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds write) via a crafted jpeg file. CWE-787
 Out-of-bounds Write 		CVE-2016-6237 2024-11-21 11:55 2017-02-3 Show GitHub Exploit DB Packet Storm
266632 5.5 MEDIUM
Local 		lepton_project lepton The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg file. CWE-125
Out-of-bounds Read 		CVE-2016-6236 2024-11-21 11:55 2017-02-3 Show GitHub Exploit DB Packet Storm
266633 5.5 MEDIUM
Local 		lepton_project lepton The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted jpeg file. CWE-399
 Resource Management Errors 		CVE-2016-6235 2024-11-21 11:55 2017-02-3 Show GitHub Exploit DB Packet Storm
266634 5.5 MEDIUM
Local 		lepton_project lepton The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (crash) via a crafted jpeg file. CWE-20
 Improper Input Validation  		CVE-2016-6234 2024-11-21 11:55 2017-02-3 Show GitHub Exploit DB Packet Storm
266635 7.2 HIGH
Network 		ibm spectrum_scale
general_parallel_file_system 		IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-6115 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266636 6.5 MEDIUM
Local 		ibm tivoli_storage_manager
tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware 		IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user. CWE-255
Credentials Management 		CVE-2016-6110 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266637 7.5 HIGH
Network 		ibm urbancode_deploy IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties. CWE-200
Information Exposure 		CVE-2016-6068 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266638 3.1 LOW
Network 		ibm forms_experience_builder IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2016-6001 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266639 3.7 LOW
Network 		ibm sterling_selling_and_fulfillment_foundation IBM Sterling Order Management transmits the session identifier within the URL. When a user is unable to view a certain view due to not being allowed permissions, the website responds with an error pa… CWE-200
Information Exposure 		CVE-2016-5953 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266640 5.4 MEDIUM
Network 		ibm kenexa_lms IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially le… CWE-79
Cross-site Scripting 		CVE-2016-5942 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm