Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251221	10	危険	IBM	-	IBM Lotus Sametime Connect の Web コンテナ実装における詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2010-3398	2012-03-27 18:42	2010-09-15	Show	GitHub Exploit DB Packet Storm

251222	9.3	危険	pgp	-	PGP Desktop における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2010-3397	2012-03-27 18:42	2010-09-15	Show	GitHub Exploit DB Packet Storm

251223	7.2	危険	kingsoftsecurity	-	Kingsoft Antivirus の kavfm.sys におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3396	2012-03-27 18:42	2010-09-15	Show	GitHub Exploit DB Packet Storm

251224	6.9	警告	texmacs	-	TeXmacsの texmacs スクリプトにおける権限を取得される脆弱性	CWE-DesignError	CVE-2010-3394	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251225	6.9	警告	ECMWF	-	Magics++ の magics-config における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3393	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251226	6.9	警告	lttng	-	LTTng Userspace Tracer の usttrace における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3386	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251227	6.9	警告	herac	-	TuxGuitar における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3385	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251228	6.9	警告	Bernhard Wymann	-	TORCS の torcs などのスクリプトにおける権限を取得される脆弱性	CWE-DesignError	CVE-2010-3384	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251229	6.9	警告	TeamSpeak Systems GmbH	-	TeamSpeak の teamspeak スクリプトにおける権限を取得される脆弱性	CWE-DesignError	CVE-2010-3383	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251230	6.9	警告	uoregon	-	TAU の tauex における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3382	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
270151	9.8	CRITICAL Network	gentoo	portage	In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-w…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2016-20021	2024-11-21 11:47	2024-01-12	Show	GitHub Exploit DB Packet Storm

270152	7.5	HIGH Network	knexjs	knex	Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query.	CWE-89 SQL Injection	CVE-2016-20018	2024-11-21 11:47	2022-12-19	Show	GitHub Exploit DB Packet Storm

270153	9.8	CRITICAL Network	dlink	dsl-2750b_firmware	D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022.	CWE-77 Command Injection	CVE-2016-20017	2024-11-21 11:47	2022-10-19	Show	GitHub Exploit DB Packet Storm

270154	9.8	CRITICAL Network	mvpower	tv-7104he_firmware tv7108he_firmware	MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating sy…	NVD-CWE-noinfo	CVE-2016-20016	2024-11-21 11:47	2022-10-19	Show	GitHub Exploit DB Packet Storm

270155	7.5	HIGH Network	smokeping	smokeping	In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the smokeping user to gain root privileg…	NVD-CWE-noinfo	CVE-2016-20015	2024-11-21 11:47	2022-09-21	Show	GitHub Exploit DB Packet Storm

270156	6.4	MEDIUM Network	kippo-graph_project	kippo-graph	In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in $file_link in class/KippoInput.class.php.	CWE-79 Cross-site Scripting	CVE-2016-2139	2024-11-21 11:47	2022-07-29	Show	GitHub Exploit DB Packet Storm

270157	6.4	MEDIUM Network	kippo-graph_project	kippo-graph	In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in xss_clean() in class/KippoInput.class.php.	CWE-79 Cross-site Scripting	CVE-2016-2138	2024-11-21 11:47	2022-07-29	Show	GitHub Exploit DB Packet Storm

270158	9.8	CRITICAL Network	pam_tacplus_project	pam_tacplus	In pam_tacplus.c in pam_tacplus before 1.4.1, pam_sm_acct_mgmt does not zero out the arep data structure.	NVD-CWE-Other	CVE-2016-20014	2024-11-21 11:47	2022-04-21	Show	GitHub Exploit DB Packet Storm

270159	7.5	HIGH Network	sha256crypt_project sha512crypt_project	sha256crypt sha512crypt	sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2016-20013	2024-11-21 11:47	2022-02-19	Show	GitHub Exploit DB Packet Storm

270160	5.9	MEDIUM Network	samba debian fedoraproject redhat canonical	samba debian_linux fedora enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_for_scientific_computing enterprise_linux enterprise_linux_server enterprise_l…	A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.	CWE-287 Improper Authentication	CVE-2016-2124	2024-11-21 11:47	2022-02-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed