Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251201	4.3	警告	Symphony CMS	-	Symphony CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3457	2012-03-27 18:42	2010-09-17	Show	GitHub Exploit DB Packet Storm

251202	5	警告	energyscripts	-	ES Simple Download の download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-3456	2012-03-27 18:42	2010-09-17	Show	GitHub Exploit DB Packet Storm

251203	4.3	警告	ATutor	-	AChecker の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3455	2012-03-27 18:42	2010-09-17	Show	GitHub Exploit DB Packet Storm

251204	6.8	警告	FFmpeg mplayerhq	-	MPlayer などの製品で使用される FFmpeg の flicvideo.c における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-3429	2012-03-27 18:42	2010-09-30	Show	GitHub Exploit DB Packet Storm

251205	7.5	危険	Intermesh	-	Intermesh Group-Office の modules/notes/json.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3428	2012-03-27 18:42	2010-09-16	Show	GitHub Exploit DB Packet Storm

251206	4.3	警告	Open Classifieds	-	Open Classifieds におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3427	2012-03-27 18:42	2010-09-16	Show	GitHub Exploit DB Packet Storm

251207	7.5	危険	4you-studio	-	Joomla! 用の Alpha の JPhone (com_jphone) コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-3426	2012-03-27 18:42	2010-09-16	Show	GitHub Exploit DB Packet Storm

251208	4.3	警告	SmarterTools Inc.	-	SmarterStats の UserControls/Popups/frmHelp.aspx におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3425	2012-03-27 18:42	2010-09-16	Show	GitHub Exploit DB Packet Storm

251209	4.3	警告	Invision Power Services, Inc	-	IP.Board の admin/sources/classes/bbcode/custom/defaults.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3424	2012-03-27 18:42	2010-09-7	Show	GitHub Exploit DB Packet Storm

251210	7.5	危険	freka	-	Drupal の Yr Weatherdata モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3423	2012-03-27 18:42	2010-09-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
253451	9.8	CRITICAL Network	php netapp	php clustered_data_ontap	Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial o…	CWE-190 Integer Overflow or Wraparound	CVE-2017-5340	2024-11-21 12:27	2017-01-11	Show	GitHub Exploit DB Packet Storm

253452	5.5	MEDIUM Local	netop	remote_control	Stack-based buffer overflow vulnerability in Netop Remote Control versions 11.53, 12.21 and prior. The affected module in the Guest client is the "Import to Phonebook" option. When a specially design…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-5216	2024-11-21 12:27	2017-01-9	Show	GitHub Exploit DB Packet Storm

253453	5.5	MEDIUM Local	samsung	samsung_mobile	Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. Th…	CWE-119 CWE-20 Incorrect Access of Indexable Resource ('Range Error') Improper Input Validation	CVE-2017-5217	2024-11-21 12:27	2017-01-9	Show	GitHub Exploit DB Packet Storm

253454	5.4	MEDIUM Network	tenable	nessus	Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2017-5179	2024-11-21 12:27	2017-01-6	Show	GitHub Exploit DB Packet Storm

253455	6.5	MEDIUM Network	google	chrome	Insufficient data validation in V8 in Google Chrome prior to 56.0.2924.76 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	CWE-20 Improper Input Validation	CVE-2017-5028	2024-11-21 12:26	2019-06-28	Show	GitHub Exploit DB Packet Storm

253456	6.2	MEDIUM Physics	intel	nuc_kit_firmware compute_card_firmware compute_stick_firmware	Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.	NVD-CWE-noinfo	CVE-2017-3718	2024-11-21 12:26	2019-01-11	Show	GitHub Exploit DB Packet Storm

253457	7.8	HIGH Local	mcafee	application_and_change_control	Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.	CWE-287 Improper Authentication	CVE-2017-3912	2024-11-21 12:26	2018-09-19	Show	GitHub Exploit DB Packet Storm

253458	9.8	CRITICAL Network	mcafee	epolicy_orchestrator	OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows attackers to run arbitrary OS commands with limited privileges via n…	CWE-78 OS Command	CVE-2017-3936	2024-11-21 12:26	2018-06-14	Show	GitHub Exploit DB Packet Storm

253459	9.8	CRITICAL Network	mcafee	mcafee_threat_intelligence_exchange	Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code t…	CWE-94 Code Injection	CVE-2017-3907	2024-11-21 12:26	2018-06-14	Show	GitHub Exploit DB Packet Storm

253460	9.1	CRITICAL Network	mcafee	network_security_manager network_data_loss_prevention	Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM) before 8.2.7.42.2 and McAfee Network Data Loss Prevention (NDLP) before 9.3.4.1.5 allows remote attackers …	CWE-384 Session Fixation	CVE-2017-3968	2024-11-21 12:26	2018-06-14	Show	GitHub Exploit DB Packet Storm