Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251921 9.4 危険 オラクル - Oracle Fusion Middleware の Oracle Document Capture コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3599 2011-02-10 11:44 2011-01-18 Show GitHub Exploit DB Packet Storm
251922 7.5 危険 オラクル - Oracle Audit Vault の Audit Vault コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-4449 2011-02-10 11:36 2011-01-18 Show GitHub Exploit DB Packet Storm
251923 6.4 警告 オラクル - Oracle Secure Backup の mod_ssl コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3596 2011-02-10 11:30 2011-01-18 Show GitHub Exploit DB Packet Storm
251924 3.6 注意 オラクル - Oracle Database Server の Database Vault コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-4420 2011-02-9 16:44 2011-01-18 Show GitHub Exploit DB Packet Storm
251925 4.3 警告 オラクル - Oracle Database Server の Scheduler Agent コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-4413 2011-02-9 16:43 2011-01-18 Show GitHub Exploit DB Packet Storm
251926 4.9 警告 オラクル - Oracle Database Server の Oracle Spatial コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3590 2011-02-9 16:43 2011-01-18 Show GitHub Exploit DB Packet Storm
251927 6.9 警告 オラクル - Windows 上で稼働する Oracle Database Server の Cluster Verify Utility コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-4423 2011-02-9 16:42 2011-01-18 Show GitHub Exploit DB Packet Storm
251928 6.8 警告 オラクル - Oracle Database Server の Database Vault コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-4421 2011-02-9 16:42 2011-01-18 Show GitHub Exploit DB Packet Storm
251929 7.5 危険 オラクル - 複数の Oracle 製品の Client System Analyzer コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3600 2011-02-9 16:41 2011-01-18 Show GitHub Exploit DB Packet Storm
251930 7.2 危険 マイクロソフト - 複数の Microsoft 製品の kernel-mode ドライバにおける権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-2743 2011-02-9 16:39 2010-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
279921 - microsoft internet_explorer Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability tha… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-4124 2024-11-21 11:09 2014-10-15 Show GitHub Exploit DB Packet Storm
279922 - microsoft .net_framework Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protection mechanism, which allows remote attackers to obtain potentially sensitive information about memory addresses by leveraging th… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-4122 2024-11-21 11:09 2014-10-15 Show GitHub Exploit DB Packet Storm
279923 - microsoft .net_framework Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote attackers to execute arbitrary code or cause… CWE-399
 Resource Management Errors 		CVE-2014-4121 2024-11-21 11:09 2014-10-15 Show GitHub Exploit DB Packet Storm
279924 - microsoft word_web_apps
office
word
sharepoint_server
office_compatibility_pack 		Microsoft Office 2007 SP3, Word 2007 SP3, Office 2010 SP1 and SP2, Word 2010 SP1 and SP2, Office for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP1 an… CWE-20
 Improper Input Validation  		CVE-2014-4117 2024-11-21 11:09 2014-10-15 Show GitHub Exploit DB Packet Storm
279925 - microsoft windows_server_2003
windows_vista
windows_server_2008 		fastfat.sys (aka the FASTFAT driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly allocate memory, which allows physically proxima… CWE-399
 Resource Management Errors 		CVE-2014-4115 2024-11-21 11:09 2014-10-15 Show GitHub Exploit DB Packet Storm
279926 - microsoft asp.net_model_view_controller Cross-site scripting (XSS) vulnerability in System.Web.Mvc.dll in Microsoft ASP.NET Model View Controller (MVC) 2.0 through 5.1 allows remote attackers to inject arbitrary web script or HTML via a cr… CWE-79
Cross-site Scripting 		CVE-2014-4075 2024-11-21 11:09 2014-10-15 Show GitHub Exploit DB Packet Storm
279927 - microsoft .net_framework Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-4073 2024-11-21 11:09 2014-10-15 Show GitHub Exploit DB Packet Storm
279928 - epicor epicor_procurement SQL injection vulnerability in Epicor Procurement before 7.4 SP2 allows remote attackers to execute arbitrary SQL commands via the User field. CWE-89
SQL Injection 		CVE-2014-4313 2024-11-21 11:09 2014-10-10 Show GitHub Exploit DB Packet Storm
279929 - epicor epicor_enterprise Multiple cross-site scripting (XSS) vulnerabilities in Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the (1) Notes section to O… CWE-79
Cross-site Scripting 		CVE-2014-4312 2024-11-21 11:09 2014-10-10 Show GitHub Exploit DB Packet Storm
279930 - gnu
opensuse 		glibc
opensuse 		The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-… CWE-94
Code Injection 		CVE-2014-4043 2024-11-21 11:09 2014-10-7 Show GitHub Exploit DB Packet Storm