Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252011	4.3	警告	Google	-	Google Chrome におけるポップアップブロッカーを回避される脆弱性	CWE-20 不適切な入力確認	CVE-2010-3246	2011-01-27 14:37	2010-09-2	Show	GitHub Exploit DB Packet Storm

252012	4.3	警告	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	Mozilla Firefox および SeaMonkey の Gopher パーサにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3177	2011-01-27 14:26	2010-10-19	Show	GitHub Exploit DB Packet Storm

252013	6.9	警告	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	Linux 上で稼働する複数の Mozilla 製品における application-launch スクリプトに関する権限昇格の脆弱性	CWE-DesignError	CVE-2010-3182	2011-01-27 14:24	2010-10-19	Show	GitHub Exploit DB Packet Storm

252014	7.6	危険	GNOME Project レッドハット	-	Evince の TFM フォントパーサにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-2643	2011-01-26 15:32	2011-01-5	Show	GitHub Exploit DB Packet Storm

252015	7.6	危険	GNOME Project レッドハット	-	Evince の AFM フォントパーサにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2642	2011-01-26 15:30	2011-01-5	Show	GitHub Exploit DB Packet Storm

252016	7.6	危険	GNOME Project レッドハット	-	Evince の VF フォントパーサにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2641	2011-01-26 15:21	2011-01-5	Show	GitHub Exploit DB Packet Storm

252017	7.6	危険	GNOME Project レッドハット	-	Evince の PK フォントパーサにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2640	2011-01-26 15:10	2011-01-5	Show	GitHub Exploit DB Packet Storm

252018	5	警告	MODX	-	MODx Evolution におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-3930	2011-01-26 14:02	2011-01-26	Show	GitHub Exploit DB Packet Storm

252019	7.5	危険	MODX	-	MODx Evolution における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3929	2011-01-26 14:01	2011-01-26	Show	GitHub Exploit DB Packet Storm

252020	9.3	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-4042	2011-01-26 13:28	2010-10-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
308701	-		-	-	Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an ID Token, allowing attackers to subvert the authentication flow, potentiall…	-	CVE-2024-47807	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

308702	-		-	-	Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, allowing attackers to subvert the authentication flow, potentia…	-	CVE-2024-47806	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

308703	-		-	-	A cross-site scripting (XSS) vulnerability has been identified in Flatpress 1.3. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users.	-	CVE-2024-33210	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

308704	-		-	-	DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped (more specifically, (datadump-table-column-queued), (datadump-table-column-in-progress), (data…	CWE-79 CWE-80 Cross-site Scripting Basic XSS	CVE-2024-47612	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

308705	-		-	-	A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges.	-	CVE-2024-44193	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

308706	-		-	-	According to the researcher: "The TLS connections are encrypted against tampering or eavesdropping. However, the application does not validate the server certificate properly while initializing the T…	-	CVE-2024-44097	2024-10-4 22:50	2024-10-2	Show	GitHub Exploit DB Packet Storm

308707	-		-	-	A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files.	-	CVE-2024-8885	2024-10-4 22:50	2024-10-2	Show	GitHub Exploit DB Packet Storm

308708	-		-	-	Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This en…	-	CVE-2024-8038	2024-10-4 22:50	2024-10-2	Show	GitHub Exploit DB Packet Storm

308709	-		-	-	JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to a…	-	CVE-2024-7558	2024-10-4 22:50	2024-10-2	Show	GitHub Exploit DB Packet Storm

308710	6.5	MEDIUM Network	-	-	An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials.	CWE-306 Missing Authentication for Critical Function	CVE-2024-35294	2024-10-4 22:50	2024-10-2	Show	GitHub Exploit DB Packet Storm