Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251121 6.9 警告 salome-platform - SALOME の runSalome スクリプトにおける権限を取得される脆弱性 CWE-DesignError
CVE-2010-3377 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
251122 6.9 警告 CERN - ROOT の proofserv などのスクリプトにおける権限を取得される脆弱性 CWE-DesignError
CVE-2010-3376 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
251123 6.9 警告 ノキア - Qt Creator における権限を取得される脆弱性 CWE-DesignError
CVE-2010-3374 2012-03-27 18:42 2010-10-4 Show GitHub Exploit DB Packet Storm
251124 6.9 警告 nordugrid - NorduGrid ARC における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-3372 2012-03-27 18:42 2010-10-29 Show GitHub Exploit DB Packet Storm
251125 6.9 警告 Debian - mono-debugger の mdb スクリプトおよび mdb-symbolreader スクリプトにおける権限を取得される脆弱性 CWE-DesignError
CVE-2010-3369 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
251126 6.9 警告 zeus.physik.uni-bonn - Mn_Fit における権限を取得される脆弱性 CWE-DesignError
CVE-2010-3366 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
251127 6.9 警告 mistelix - Mistelix における権限を取得される脆弱性 CWE-DesignError
CVE-2010-3365 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
251128 6.9 警告 vips - VIPS の vips-7.22 スクリプトにおける権限を取得される脆弱性 CWE-DesignError
CVE-2010-3364 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
251129 6.9 警告 roaraudio - roaraudio の roarify における権限を取得される脆弱性 CWE-DesignError
CVE-2010-3363 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
251130 6.9 警告 last - lastfm における権限を取得される脆弱性 CWE-DesignError
CVE-2010-3362 2012-03-27 18:42 2010-10-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
287551 - mtouch_quiz_project mtouch_quiz Multiple cross-site scripting (XSS) vulnerabilities in question.php in the mTouch Quiz before 3.0.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the quiz parameter … CWE-79
Cross-site Scripting 		CVE-2014-100023 2024-11-21 11:03 2015-01-14 Show GitHub Exploit DB Packet Storm
287552 - mtouch_quiz_project mtouch_quiz SQL injection vulnerability in question.php in the mTouch Quiz before 3.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the quiz parameter to wp-admin/edit.php. CWE-89
SQL Injection 		CVE-2014-100022 2024-11-21 11:03 2015-01-14 Show GitHub Exploit DB Packet Storm
287553 - orangehrm orangehrm Cross-site scripting (XSS) vulnerability in symfony/web/index.php/pim/viewEmployeeList in OrangeHRM before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the empsearch[emplo… CWE-79
Cross-site Scripting 		CVE-2014-100021 2024-11-21 11:03 2015-01-14 Show GitHub Exploit DB Packet Storm
287554 - itechscripts itechclassifieds SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. NOTE: the CatID parameter is alrea… CWE-89
SQL Injection 		CVE-2014-100020 2024-11-21 11:03 2015-01-14 Show GitHub Exploit DB Packet Storm
287555 - pomm-project pomm SQL injection vulnerability in the LTree converter in Pomm before 1.1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2014-100019 2024-11-21 11:03 2015-01-14 Show GitHub Exploit DB Packet Storm
287556 - unconfirmed_project unconfirmed Cross-site scripting (XSS) vulnerability in the Unconfirmed plugin before 1.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in the unconfirmed pag… CWE-79
Cross-site Scripting 		CVE-2014-100018 2024-11-21 11:03 2015-01-14 Show GitHub Exploit DB Packet Storm
287557 - phponlinechat phponlinechat Cross-site scripting (XSS) vulnerability in canned_opr.php in PhpOnlineChat 3.0 allows remote attackers to inject arbitrary web script or HTML via the message field. CWE-79
Cross-site Scripting 		CVE-2014-100017 2024-11-21 11:03 2015-01-14 Show GitHub Exploit DB Packet Storm
287558 - photocati_media photocrati Cross-site scripting (XSS) vulnerability in photocrati-gallery/ecomm-sizes.php in the Photocrati theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the prod_id par… CWE-79
Cross-site Scripting 		CVE-2014-100016 2024-11-21 11:03 2015-01-14 Show GitHub Exploit DB Packet Storm
287559 - solidworks product_data_management Directory traversal vulnerability in pdmwService.exe in SolidWorks Workgroup PDM 2014 allows remote attackers to write to arbitrary files via a .. (dot dot) in the filename in a file upload. CWE-22
Path Traversal 		CVE-2014-100015 2024-11-21 11:03 2015-01-14 Show GitHub Exploit DB Packet Storm
287560 - solidworks product_data_management Multiple stack-based buffer overflows in pdmwService.exe in SolidWorks Workgroup PDM 2014 SP2 allow remote attackers to execute arbitrary code via a long string in a (1) 2001, (2) 2002, or (3) 2003 o… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-100014 2024-11-21 11:03 2015-01-14 Show GitHub Exploit DB Packet Storm