Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251061 4.3 警告 マイクロソフト - Microsoft mshtml.dll の sertIntoTimeoutList 関数における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-3886 2012-03-27 18:42 2010-10-8 Show GitHub Exploit DB Packet Storm
251062 6.8 警告 CMS Made Simple - CMS Made Simple における管理者パスワードのリセット要求の管理者認証をハイジャックされる脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3884 2012-03-27 18:42 2010-10-8 Show GitHub Exploit DB Packet Storm
251063 6.8 警告 CMS Made Simple - CMS Made Simple の Change Group Permissions モジュールにおけるクロスサイトリクエストフォージェリ脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3883 2012-03-27 18:42 2010-10-8 Show GitHub Exploit DB Packet Storm
251064 4.3 警告 CMS Made Simple - CMS Made Simple におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3882 2012-03-27 18:42 2010-10-8 Show GitHub Exploit DB Packet Storm
251065 4.3 警告 レッドハット - Red Hat JBoss Enterprise Application Platform の JMX Console におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3878 2012-03-27 18:42 2010-12-1 Show GitHub Exploit DB Packet Storm
251066 4.3 警告 Mahara - Mahara の blocktype/groupviews/theme/raw/groupviews.tpl におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-3871 2012-03-27 18:42 2010-11-9 Show GitHub Exploit DB Packet Storm
251067 4 警告 レッドハット - RHCS および Dogtag Certificate System における任意の認証番号を生成される脆弱性 CWE-310
暗号の問題 		CVE-2010-3869 2012-03-27 18:42 2010-11-8 Show GitHub Exploit DB Packet Storm
251068 5.8 警告 レッドハット - RHCS および Dogtag Certificate System における PIN を取得される脆弱性 CWE-287
不適切な認証 		CVE-2010-3868 2012-03-27 18:42 2010-11-8 Show GitHub Exploit DB Packet Storm
251069 2.6 注意 レッドハット - Red Hat JBoss Enterprise Application Platform および JBoss Enterprise Web Platform の Boss Remoting におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3862 2012-03-27 18:42 2010-12-8 Show GitHub Exploit DB Packet Storm
251070 6.4 警告 レッドハット - Red Hat Conga の Luciにおける repoze.who 認証をバイパスすることが容易になる脆弱性 CWE-287
不適切な認証 		CVE-2010-3852 2012-03-27 18:42 2010-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266921 5.9 MEDIUM
Network 		ibm security_privileged_identity_manager IBM Security Privileged Identity Manager Virtual Appliance could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An a… CWE-200
Information Exposure 		CVE-2016-5966 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266922 9.8 CRITICAL
Network 		ibm security_privileged_identity_manager IBM Security Privileged Identity Manager Virtual Appliance version 2.0.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. CWE-284
Improper Access Control 		CVE-2016-5964 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266923 7.5 HIGH
Network 		ibm security_privileged_identity_manager IBM Security Privileged Identity Manager could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By interceptin… CWE-200
Information Exposure 		CVE-2016-5958 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266924 8.8 HIGH
Network 		ibm kenexa_lcms_premier IBM Kenexa LCMS Premier on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete informati… CWE-89
SQL Injection 		CVE-2016-5952 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266925 5.4 MEDIUM
Network 		ibm kenexa_lcms_premier IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… CWE-79
Cross-site Scripting 		CVE-2016-5951 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266926 6.5 MEDIUM
Network 		ibm kenexa_lcms_premier IBM Kenexa LCMS Premier on Cloud stores user credentials in plain in clear text which can be read by an authenticated user. CWE-255
Credentials Management 		CVE-2016-5950 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266927 4.3 MEDIUM
Network 		ibm kenexa_lcms_premier IBM Kenexa LCMS Premier on Cloud could allow an authenticated user to obtain sensitive user data with a specially crafted HTTP request. CWE-254
 7PK - Security Features 		CVE-2016-5949 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266928 5.4 MEDIUM
Network 		ibm kenexa_lcms_premier IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… CWE-79
Cross-site Scripting 		CVE-2016-5948 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266929 6.3 MEDIUM
Network 		ibm kenexa_lms_on_cloud IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the… CWE-89
SQL Injection 		CVE-2016-5939 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm
266930 8.8 HIGH
Network 		ibm kenexa_lcms_premier IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trust… CWE-352
 Origin Validation Error 		CVE-2016-5937 2024-11-21 11:55 2017-02-2 Show GitHub Exploit DB Packet Storm