Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251111	4.3	警告	Horde	-	Horde DIMP および Horde Groupware Webmail Edition におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3693	2012-03-27 18:42	2011-04-4	Show	GitHub Exploit DB Packet Storm

251112	6.8	警告	Horde	-	Horde Application Framework におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-3694	2012-03-27 18:42	2010-11-9	Show	GitHub Exploit DB Packet Storm

251113	6.4	警告	Jasig	-	phpCAS の callback 関数におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-3692	2012-03-27 18:42	2010-10-7	Show	GitHub Exploit DB Packet Storm

251114	3.3	注意	Jasig	-	phpCAS の PGTStorage/pgt-file.php における任意のファイルを上書きされる脆弱性	CWE-59 リンク解釈の問題	CVE-2010-3691	2012-03-27 18:42	2010-10-7	Show	GitHub Exploit DB Packet Storm

251115	4.3	警告	Jasig	-	phpCAS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3690	2012-03-27 18:42	2010-10-7	Show	GitHub Exploit DB Packet Storm

251116	7.5	危険	NetArt Media	-	NetArtMEDIA WebSiteAdmin の ADMIN/login.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-3688	2012-03-27 18:42	2010-09-29	Show	GitHub Exploit DB Packet Storm

251117	5	警告	Alex Kellner TYPO3 Association	-	TYPO3 の powermail extension における検証を回避される脆弱性	CWE-noinfo 情報不足	CVE-2010-3687	2012-03-27 18:42	2010-09-22	Show	GitHub Exploit DB Packet Storm

251118	2.1	注意	Synology Inc.	-	Synology Disk Station の FTP 認証モジュールにおける重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-3684	2012-03-27 18:42	2010-09-29	Show	GitHub Exploit DB Packet Storm

251119	7.5	危険	wire plastic design	-	wpQuiz における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3608	2012-03-27 18:42	2010-09-24	Show	GitHub Exploit DB Packet Storm

251120	4.3	警告	NetArt Media	-	NetArt MEDIA Real Estate Portal の AGENTS/index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3607	2012-03-27 18:42	2010-09-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
281701	-	oracle canonical fedoraproject freetype debian opensuse redhat	solaris ubuntu_linux fedora freetype debian_linux opensuse enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server_eus enterprise_linux_server ente…	The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or…	CWE-125 Out-of-bounds Read	CVE-2014-9658	2024-11-21 11:21	2015-02-8	Show	GitHub Exploit DB Packet Storm

281702	-	opensuse redhat oracle fedoraproject freetype debian canonical	opensuse enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server_eus enterprise_linux_server enterprise_linux_hpc_node enterprise_linux_hpc_node_eus solaris…	The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read)…	CWE-125 Out-of-bounds Read	CVE-2014-9657	2024-11-21 11:21	2015-02-8	Show	GitHub Exploit DB Packet Storm

281703	-	fedoraproject freetype debian opensuse canonical	fedora freetype debian_linux opensuse ubuntu_linux	The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-b…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-9656	2024-11-21 11:21	2015-02-8	Show	GitHub Exploit DB Packet Storm

281704	-	k7computing	k7sentry.sys anti-virus_plus total_security ultimate_security	K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-9643	2024-11-21 11:21	2015-02-7	Show	GitHub Exploit DB Packet Storm

281705	-	bullguard	bdagent.sys internet_security online_backup premium_protection	bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain priv…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-9642	2024-11-21 11:21	2015-02-7	Show	GitHub Exploit DB Packet Storm

281706	-	trendmicro	tmeext.sys	The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privile…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-9641	2024-11-21 11:21	2015-02-7	Show	GitHub Exploit DB Packet Storm

281707	-	unzip_project canonical debian fedoraproject	unzip ubuntu_linux debian_linux fedora	unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip arc…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-9636	2024-11-21 11:21	2015-02-7	Show	GitHub Exploit DB Packet Storm

281708	-	avg	protection internet_security	The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory locations…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-9632	2024-11-21 11:21	2015-02-7	Show	GitHub Exploit DB Packet Storm

281709	-	m2_technologies	optimalsite	Cross-site scripting (XSS) vulnerability in display_dialog.php in M2 OptimalSite 0.1 and 2.4 allows remote attackers to inject arbitrary web script or HTML via the image parameter.	CWE-79 Cross-site Scripting	CVE-2014-9562	2024-11-21 11:21	2015-02-5	Show	GitHub Exploit DB Packet Storm

281710	-	comodo	backup	The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-9633	2024-11-21 11:21	2015-02-4	Show	GitHub Exploit DB Packet Storm