Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251241	6.9	警告	vips	-	VIPS の vips-7.22 スクリプトにおける権限を取得される脆弱性	CWE-DesignError	CVE-2010-3364	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251242	6.9	警告	roaraudio	-	roaraudio の roarify における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3363	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251243	6.9	警告	last	-	lastfm における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3362	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251244	6.9	警告	shrew	-	Shrew Soft IKE の iked スクリプトにおける権限を取得される脆弱性	CWE-DesignError	CVE-2010-3361	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251245	6.9	警告	pedro villavicencio garrido	-	Hipo における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3360	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251246	6.9	警告	henner zeller	-	HenPlus JDBC SQL-Shell における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3358	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251247	6.9	警告	pedro castro	-	gnome-subtitles における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3357	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251248	9.3	危険	FreeType Project	-	FreeType の libXft における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-3311	2012-03-27 18:42	2011-01-7	Show	GitHub Exploit DB Packet Storm

251249	6.9	警告	erik hjortsberg	-	Ember における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3355	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

251250	6.9	警告	Dropbox	-	Dropbox の dropboxd における権限を取得される脆弱性	CWE-DesignError	CVE-2010-3354	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274201	9.8	CRITICAL Network	click_project canonical	click ubuntu_linux	click/install.py in click does not require files in package filesystem tarballs to start with ./ (dot slash), which allows remote attackers to install an alternate security policy and gain privileges…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-8768	2024-11-21 11:39	2017-02-14	Show	GitHub Exploit DB Packet Storm

274202	6.5	MEDIUM Network	libdwarf_project	libdwarf	libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a debug_abbrev section marked NOBITS in an ELF file.	CWE-476 NULL Pointer Dereference	CVE-2015-8750	2024-11-21 11:39	2017-02-14	Show	GitHub Exploit DB Packet Storm

274203	6.1	MEDIUM Network	squidguard	squidguard	Cross-site scripting (XSS) vulnerability in squidGuard.cgi in squidGuard before 1.5 allows remote attackers to inject arbitrary web script or HTML via a blocked site link.	CWE-79 Cross-site Scripting	CVE-2015-8936	2024-11-21 11:39	2017-02-10	Show	GitHub Exploit DB Packet Storm

274204	8.8	HIGH Network	dotclear	dotclear	Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php in Dotclear before 2.8.2 allow remote authenticated users with "manage their own media items" and "manage their own entries…	CWE-284 Improper Access Control	CVE-2015-8832	2024-11-21 11:39	2017-02-10	Show	GitHub Exploit DB Packet Storm

274205	6.1	MEDIUM Network	dotclear	dotclear	Cross-site scripting (XSS) vulnerability in admin/comments.php in Dotclear before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the author name in a comment.	CWE-79 Cross-site Scripting	CVE-2015-8831	2024-11-21 11:39	2017-02-10	Show	GitHub Exploit DB Packet Storm

274206	7.5	HIGH Network	mybb	mybb merge_system	MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2015-8977	2024-11-21 11:39	2017-02-1	Show	GitHub Exploit DB Packet Storm

274207	6.1	MEDIUM Network	mybb	mybb merge_system	Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web scr…	CWE-79 Cross-site Scripting	CVE-2015-8976	2024-11-21 11:39	2017-02-1	Show	GitHub Exploit DB Packet Storm

274208	6.1	MEDIUM Network	mybb	mybb merge_system	Cross-site scripting (XSS) vulnerability in the error handler in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inj…	CWE-79 Cross-site Scripting	CVE-2015-8975	2024-11-21 11:39	2017-02-1	Show	GitHub Exploit DB Packet Storm

274209	10.0	CRITICAL Network	mybb	mybb merge_system	SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remo…	CWE-89 SQL Injection	CVE-2015-8974	2024-11-21 11:39	2017-02-1	Show	GitHub Exploit DB Packet Storm

274210	8.3	HIGH Network	mybb	mybb merge_system	xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to…	CWE-284 Improper Access Control	CVE-2015-8973	2024-11-21 11:39	2017-02-1	Show	GitHub Exploit DB Packet Storm