Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251121 5 警告 Zikula Foundation - Zikula における乱数化をベースにした保護機能を破られる脆弱性 CWE-310
暗号の問題 		CVE-2010-4728 2012-03-27 18:42 2011-02-8 Show GitHub Exploit DB Packet Storm
251122 10 危険 Smarty - Smarty における詳細不明の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4727 2012-03-27 18:42 2011-02-3 Show GitHub Exploit DB Packet Storm
251123 10 危険 Smarty - Smarty の math プラグインにおける詳細不明の脆弱性 CWE-noinfo
情報不足 		CVE-2010-4726 2012-03-27 18:42 2011-02-3 Show GitHub Exploit DB Packet Storm
251124 10 危険 Smarty - Smarty における詳細不明の脆弱性 CWE-noinfo
情報不足 		CVE-2010-4725 2012-03-27 18:42 2011-02-3 Show GitHub Exploit DB Packet Storm
251125 10 危険 Smarty - Smarty のパーサー実装における詳細不明の脆弱性 CWE-noinfo
情報不足 		CVE-2010-4724 2012-03-27 18:42 2011-02-3 Show GitHub Exploit DB Packet Storm
251126 9.3 危険 Smarty - Smarty における詳細不明の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4723 2012-03-27 18:42 2011-02-3 Show GitHub Exploit DB Packet Storm
251127 10 危険 Smarty - Smarty の fetch プラグインにおける詳細不明の脆弱性 CWE-noinfo
情報不足 		CVE-2010-4722 2012-03-27 18:42 2011-02-3 Show GitHub Exploit DB Packet Storm
251128 7.5 危険 MH Products - Immo Makler の news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4721 2012-03-27 18:42 2011-02-1 Show GitHub Exploit DB Packet Storm
251129 7.5 危険 Joomla!
Jextensions		 - Joomla! の JExtensions JE Auto (com_jeauto) コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4720 2012-03-27 18:42 2011-02-1 Show GitHub Exploit DB Packet Storm
251130 7.5 危険 fxwebdesign - Joomla! の JRadio (com_jradio) コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4719 2012-03-27 18:42 2011-02-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267211 6.1 MEDIUM
Network 		plone plone Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web… CWE-79
Cross-site Scripting 		CVE-2016-7138 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
267212 6.1 MEDIUM
Network 		plone plone Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing… CWE-601
Open Redirect 		CVE-2016-7137 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
267213 6.1 MEDIUM
Network 		plone plone z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted GET request. CWE-79
Cross-site Scripting 		CVE-2016-7136 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
267214 4.9 MEDIUM
Network 		plone plone Directory traversal vulnerability in Plone CMS 5.x through 5.0.6 and 4.2.x through 4.3.11 allows remote administrators to read arbitrary files via a .. (dot dot) in the path parameter in a getFile ac… CWE-22
Path Traversal 		CVE-2016-7135 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
267215 9.8 CRITICAL
Network 		nefarious2_project nefarious2 The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE paramet… CWE-287
Improper Authentication 		CVE-2016-7145 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
267216 5.5 MEDIUM
Local 		dropbear_ssh_project dropbear_ssh The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUG_TRACE, allows local users to read process memory via the -v argument, related to a failed remote ident. CWE-200
Information Exposure 		CVE-2016-7409 2024-11-21 11:57 2017-03-4 Show GitHub Exploit DB Packet Storm
267217 8.8 HIGH
Network 		dropbear_ssh_project dropbear_ssh The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted (1) -m or (2) -c argument. CWE-284
Improper Access Control 		CVE-2016-7408 2024-11-21 11:57 2017-03-4 Show GitHub Exploit DB Packet Storm
267218 9.8 CRITICAL
Network 		dropbear_ssh_project dropbear_ssh The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file. CWE-20
 Improper Input Validation  		CVE-2016-7407 2024-11-21 11:57 2017-03-4 Show GitHub Exploit DB Packet Storm
267219 9.8 CRITICAL
Network 		dropbear_ssh_project dropbear_ssh Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) host argument. CWE-20
 Improper Input Validation  		CVE-2016-7406 2024-11-21 11:57 2017-03-4 Show GitHub Exploit DB Packet Storm
267220 6.5 MEDIUM
Network 		matrixssl matrixssl TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before 3.8.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted message. CWE-125
Out-of-bounds Read 		CVE-2016-6884 2024-11-21 11:57 2017-03-4 Show GitHub Exploit DB Packet Storm