Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251331	4.3	警告	ヒューレット・パッカード	-	HP SMH におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3012	2012-03-27 18:42	2010-09-15	Show	GitHub Exploit DB Packet Storm

251332	5	警告	ヒューレット・パッカード	-	HP SMH における CRLF インジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2010-3011	2012-03-27 18:42	2010-09-15	Show	GitHub Exploit DB Packet Storm

251333	4.3	警告	ヒューレット・パッカード	-	HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3010	2012-03-27 18:42	2010-09-15	Show	GitHub Exploit DB Packet Storm

251334	9	危険	ヒューレット・パッカード	-	HP SMH における重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2010-3009	2012-03-27 18:42	2010-09-13	Show	GitHub Exploit DB Packet Storm

251335	7.2	危険	ヒューレット・パッカード	-	HP Data Protector Express および Data Protector Express SSE における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2010-3008	2012-03-27 18:42	2010-09-8	Show	GitHub Exploit DB Packet Storm

251336	7.2	危険	ヒューレット・パッカード	-	HP Data Protector Express および Data Protector Express SSE における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2010-3007	2012-03-27 18:42	2010-09-8	Show	GitHub Exploit DB Packet Storm

251337	7.8	危険	ヒューレット・パッカード	-	HP ProLiant G6 Lights-Out 100 Remote Management カードにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-3006	2012-03-27 18:42	2010-09-7	Show	GitHub Exploit DB Packet Storm

251338	6.8	警告	ヒューレット・パッカード	-	HP Operations Agent における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2010-3005	2012-03-27 18:42	2010-09-2	Show	GitHub Exploit DB Packet Storm

251339	7.5	危険	ヒューレット・パッカード	-	HP Operations Agent における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3004	2012-03-27 18:42	2010-09-2	Show	GitHub Exploit DB Packet Storm

251340	4.3	警告	ヒューレット・パッカード	-	HP Insight Diagnostics Online Edition におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3003	2012-03-27 18:42	2010-08-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
265941	9.8	CRITICAL Network	ieasytec	itrackeasy	Session cookies are not used for maintaining valid sessions in iTrack Easy. The user's password is passed as a POST parameter over HTTPS using a base64 encoded passwd field on every request. In this …	CWE-384 Session Fixation	CVE-2016-6545	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

265942	7.5	HIGH Network	ieasytec	itrack_easy	getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device.	CWE-287 Improper Authentication	CVE-2016-6544	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

265943	5.9	MEDIUM Network	ieasytec	itrack_easy	A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device.	CWE-284 Improper Access Control	CVE-2016-6543	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

265944	3.7	LOW Network	ieasytec	itrackeasy	The iTrack device tracking ID number, also called "LosserID" in the web API, can be obtained by being in the range of an iTrack device. The tracker ID is the device's BLE MAC address.	CWE-20 Improper Input Validation	CVE-2016-6542	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

265945	9.8	CRITICAL Network	shdesigns	resident_download_manager	SHDesigns' Resident Download Manager provides firmware update capabilities for Rabbit 2000/3000 CPU boards, which according to the reporter may be used in some industrial control and embedded applica…	CWE-20 Improper Input Validation	CVE-2016-6567	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

265946	8.1	HIGH Network	infinixauthority bluproducts xolo beeline iku-mobile leagoo doogee	hot_x507_firmware hot_2_x510_firmware zero_x506_firmware zero_2_x509_firmware studio_g_firmware studio_g_plus_firmware studio_6.0_hd_firmware studio_x_firmware studio_x_plus_f…	Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. Additionally, there are multiple techniques used to hide the execution of this bina…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-6564	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

265947	9.8	CRITICAL Network	dlink	dir-823_firmware dir-822_firmware dir-818l\(w\)_firmware dir-895l_firmware dir-890l_firmware dir-885l_firmware dir-880l_firmware dir-868l_firmware dir-850l_firmware	Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-6563	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

265948	9.8	CRITICAL Network	freebsd	freebsd	Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depend…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-6559	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

265949	9.8	CRITICAL Network	asus	rp-ac52_firmware ea-n66_firmware rp-n12_firmware rp-n14_firmware rp-n53_firmware rp-ac56_firmware wmp-n12_firmware	A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The …	CWE-77 Command Injection	CVE-2016-6558	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm

265950	8.8	HIGH Network	asus	rp-ac52_firmware ea-n66_firmware rp-n12_firmware rp-n14_firmware rp-n53_firmware rp-ac56_firmware wmp-n12_firmware	In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided…	CWE-352 Origin Validation Error	CVE-2016-6557	2024-11-21 11:56	2018-07-14	Show	GitHub Exploit DB Packet Storm