Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251551	7.5	危険	Dev-Team Typoheads	-	TYPO3 用 Webkit PDFs エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4961	2012-02-29 14:49	2011-10-9	Show	GitHub Exploit DB Packet Storm

251552	4.3	警告	Martin Hesse	-	TYPO3 用 Branchenbuch エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4960	2012-02-29 14:43	2011-10-9	Show	GitHub Exploit DB Packet Storm

251553	7.5	危険	PreProject.com	-	Pre Projects Pre Podcast Portal の login 機能における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4959	2012-02-29 14:35	2011-10-9	Show	GitHub Exploit DB Packet Storm

251554	7.5	危険	Prado Portal	-	Prado Portal の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4958	2012-02-29 14:23	2011-10-9	Show	GitHub Exploit DB Packet Storm

251555	7.5	危険	php-programs	-	APBoard Developers APBoard の board/board.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4955	2012-02-29 14:06	2011-10-9	Show	GitHub Exploit DB Packet Storm

251556	7.5	危険	Gambio	-	xt:Commerce Gambio 2008 の product_reviews_info.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4954	2012-02-29 14:05	2011-10-9	Show	GitHub Exploit DB Packet Storm

251557	10	危険	Jens Witt	-	TYPO3 用 JW Calendar エクステンションにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-4953	2012-02-29 11:55	2011-10-9	Show	GitHub Exploit DB Packet Storm

251558	7.5	危険	Joachim Ruhs	-	TYPO3 用 FE user statistic エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4952	2012-02-29 11:51	2011-10-9	Show	GitHub Exploit DB Packet Storm

251559	5	警告	Thomas Mammitzsch	-	TYPO3 用 xaJax Shoutbox エクステンションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4951	2012-02-29 11:48	2011-10-9	Show	GitHub Exploit DB Packet Storm

251560	7.5	危険	Joachim Ruhs	-	TYPO3 用 Event エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4950	2012-02-29 11:42	2011-10-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
254951	6.5	MEDIUM Network	hdfgroup	hdf5	In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.	CWE-476 NULL Pointer Dereference	CVE-2017-17505	2024-11-21 12:18	2017-12-11	Show	GitHub Exploit DB Packet Storm

254952	6.5	MEDIUM Network	imagemagick canonical debian	imagemagick ubuntu_linux debian_linux	ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.	CWE-125 Out-of-bounds Read	CVE-2017-17504	2024-11-21 12:18	2017-12-11	Show	GitHub Exploit DB Packet Storm

254953	8.8	HIGH Network	graphicsmagick debian	graphicsmagick debian_linux	ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.	CWE-125 Out-of-bounds Read	CVE-2017-17503	2024-11-21 12:18	2017-12-11	Show	GitHub Exploit DB Packet Storm

254954	8.8	HIGH Network	graphicsmagick debian	graphicsmagick debian_linux	ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.	CWE-125 Out-of-bounds Read	CVE-2017-17502	2024-11-21 12:18	2017-12-11	Show	GitHub Exploit DB Packet Storm

254955	8.8	HIGH Network	graphicsmagick debian	graphicsmagick debian_linux	WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.	CWE-125 Out-of-bounds Read	CVE-2017-17501	2024-11-21 12:18	2017-12-11	Show	GitHub Exploit DB Packet Storm

254956	8.8	HIGH Network	graphicsmagick debian	graphicsmagick debian_linux	ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.	CWE-125 Out-of-bounds Read	CVE-2017-17500	2024-11-21 12:18	2017-12-11	Show	GitHub Exploit DB Packet Storm

254957	9.8	CRITICAL Network	imagemagick canonical debian	imagemagick ubuntu_linux debian_linux	ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.	CWE-416 Use After Free	CVE-2017-17499	2024-11-21 12:18	2017-12-11	Show	GitHub Exploit DB Packet Storm

254958	8.8	HIGH Network	graphicsmagick	graphicsmagick	WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-17498	2024-11-21 12:18	2017-12-11	Show	GitHub Exploit DB Packet Storm

254959	7.5	HIGH Network	htacg	tidy	In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service (Segmentation Fault), because the currentNode variable in the "children of the head" proces…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-17497	2024-11-21 12:18	2017-12-11	Show	GitHub Exploit DB Packet Storm

254960	9.8	CRITICAL Network	icu-project	international_components_for_unicode	The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ through 60.1 mishandles ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote a…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-17484	2024-11-21 12:18	2017-12-11	Show	GitHub Exploit DB Packet Storm