Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251221	10	危険	IBM	-	IBM Lotus Sametime Connect の Web コンテナ実装における詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2010-3398	2012-03-27 18:42	2010-09-15	Show	GitHub Exploit DB Packet Storm

251222	9.3	危険	pgp	-	PGP Desktop における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2010-3397	2012-03-27 18:42	2010-09-15	Show	GitHub Exploit DB Packet Storm

251223	7.2	危険	kingsoftsecurity	-	Kingsoft Antivirus の kavfm.sys におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3396	2012-03-27 18:42	2010-09-15	Show	GitHub Exploit DB Packet Storm

251224	6.9	警告	texmacs	-	TeXmacsの texmacs スクリプトにおける権限を取得される脆弱性	CWE-DesignError	CVE-2010-3394	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251225	6.9	警告	ECMWF	-	Magics++ の magics-config における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3393	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251226	6.9	警告	lttng	-	LTTng Userspace Tracer の usttrace における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3386	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251227	6.9	警告	herac	-	TuxGuitar における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3385	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251228	6.9	警告	Bernhard Wymann	-	TORCS の torcs などのスクリプトにおける権限を取得される脆弱性	CWE-DesignError	CVE-2010-3384	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251229	6.9	警告	TeamSpeak Systems GmbH	-	TeamSpeak の teamspeak スクリプトにおける権限を取得される脆弱性	CWE-DesignError	CVE-2010-3383	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251230	6.9	警告	uoregon	-	TAU の tauex における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3382	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
281771	-	projectsend	projectsend	Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP exte…	CWE-94 Code Injection	CVE-2014-9567	2024-11-21 11:21	2015-01-8	Show	GitHub Exploit DB Packet Storm

281772	-	humhub	humhub	SQL injection vulnerability in the actionIndex function in protected/modules_core/notification/controllers/ListController.php in HumHub 0.10.0-rc.1 and earlier allows remote authenticated users to ex…	CWE-89 SQL Injection	CVE-2014-9528	2024-11-21 11:21	2015-01-7	Show	GitHub Exploit DB Packet Storm

281773	-	fedoraproject apache	fedora poi	HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file.	CWE-399 Resource Management Errors	CVE-2014-9527	2024-11-21 11:21	2015-01-7	Show	GitHub Exploit DB Packet Storm

281774	-	concrete5 concretecms	concrete5 concrete_cms	Multiple cross-site scripting (XSS) vulnerabilities in concrete5 5.7.2.1, 5.7.2, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gName parameter in single_pages/…	CWE-79 Cross-site Scripting	CVE-2014-9526	2024-11-21 11:21	2015-01-6	Show	GitHub Exploit DB Packet Storm

281775	-	timed_popup_project	timed_popup	Multiple cross-site request forgery (CSRF) vulnerabilities in the Timed Popup (wp-timed-popup) plugin 1.3 for WordPress allow remote attackers to hijack the authentication of administrators for reque…	CWE-352 Origin Validation Error	CVE-2014-9525	2024-11-21 11:21	2015-01-6	Show	GitHub Exploit DB Packet Storm

281776	-	facebook_like_box_project	facebook_like_box	Multiple cross-site request forgery (CSRF) vulnerabilities in the Facebook Like Box (cardoza-facebook-like-box) plugin before 2.8.3 for WordPress allow remote attackers to hijack the authentication o…	CWE-352 Origin Validation Error	CVE-2014-9524	2024-11-21 11:21	2015-01-6	Show	GitHub Exploit DB Packet Storm

281777	-	smartcat	our_team_showcase	Multiple cross-site request forgery (CSRF) vulnerabilities in the Our Team Showcase (our-team-enhanced) plugin before 1.3 for WordPress allow remote attackers to hijack the authentication of administ…	CWE-352 Origin Validation Error	CVE-2014-9523	2024-11-21 11:21	2015-01-6	Show	GitHub Exploit DB Packet Storm

281778	-	papoo	cms_papoo_light	Multiple cross-site scripting (XSS) vulnerabilities in CMS Papoo Light 6.0.0 (Rev 4701) allow remote attackers to inject arbitrary web script or HTML via the (1) author field to guestbook.php or (2) …	CWE-79 Cross-site Scripting	CVE-2014-9522	2024-11-21 11:21	2015-01-6	Show	GitHub Exploit DB Packet Storm

281779	-	infinitewp	infinitewp	Unrestricted file upload vulnerability in uploadScript.php in InfiniteWP Admin Panel before 2.4.4, when the allWPFiles query parameter is set, allows remote attackers to execute arbitrary code by upl…	CWE-94 Code Injection	CVE-2014-9521	2024-11-21 11:21	2015-01-6	Show	GitHub Exploit DB Packet Storm

281780	-	infinitewp	infinitewp	SQL injection vulnerability in execute.php in InfiniteWP Admin Panel before 2.4.4 allows remote attackers to execute arbitrary SQL commands via the historyID parameter.	CWE-89 SQL Injection	CVE-2014-9520	2024-11-21 11:21	2015-01-6	Show	GitHub Exploit DB Packet Storm