Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252031 7.2 危険 GNU Project
VMware
サイバートラスト株式会社
レッドハット		 - GNU C library の ld.so における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3856 2011-01-25 15:48 2010-10-25 Show GitHub Exploit DB Packet Storm
252032 5.8 警告 Mozilla Foundation
オラクル		 - Mozilla Firefox の JavaScript 実装内にある js_InitRandom 関数におけるシード値を推測される脆弱性 CWE-310
暗号の問題 		CVE-2010-3400 2011-01-25 15:15 2010-09-15 Show GitHub Exploit DB Packet Storm
252033 4.3 警告 Mozilla Foundation
オラクル		 - Mozilla Firefox におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2117 2011-01-25 15:13 2010-06-1 Show GitHub Exploit DB Packet Storm
252034 6.8 警告 アップル - Apple Mac OS X における脆弱性に対するアップデート CWE-134
書式文字列の問題 		CVE-2010-4013 2011-01-25 15:10 2011-01-7 Show GitHub Exploit DB Packet Storm
252035 5 警告 GNU Project - GNU C Library の regcomp 実装におけるスタック消費の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4052 2011-01-21 16:37 2011-01-13 Show GitHub Exploit DB Packet Storm
252036 5 警告 GNU Project - GNU C Library の regcomp 実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-4051 2011-01-21 16:35 2011-01-13 Show GitHub Exploit DB Packet Storm
252037 - - (複数のベンダ) - 侵入検知システム (IDS) および侵入防止システム (IPS) の機能を回避可能な問題 - - 2011-01-21 16:30 2010-12-16 Show GitHub Exploit DB Packet Storm
252038 6.9 警告 Ecava - Ecava IntegraXor における権限昇格の脆弱性 CWE-Other
その他 		CVE-2010-4599 2011-01-21 15:52 2010-12-17 Show GitHub Exploit DB Packet Storm
252039 5 警告 Ecava - Ecava IntegraXor におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4598 2011-01-21 15:38 2011-01-12 Show GitHub Exploit DB Packet Storm
252040 6.8 警告 Lunascape - Lunascape における DLL 読み込みに関する脆弱性 CWE-Other
その他 		CVE-2010-3927 2011-01-21 11:02 2011-01-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
267951 8.8 HIGH
Network 		yeager yeager_cms SQL injection vulnerability in "yeager/y.php/tab_USERLIST" in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the "pagedir_orderby" parameter. CWE-89
SQL Injection 		CVE-2015-7569 2024-11-21 11:37 2017-04-25 Show GitHub Exploit DB Packet Storm
267952 9.8 CRITICAL
Network 		yeager yeager_cms SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote attackers to change the account credentials of known users via the "userEmail" parameter. CWE-89
SQL Injection 		CVE-2015-7568 2024-11-21 11:37 2017-04-25 Show GitHub Exploit DB Packet Storm
267953 5.5 MEDIUM
Local 		huawei p7_firmware
p8_ale-ul00_firmware 		Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) via vectors involving an application th… CWE-20
 Improper Input Validation  		CVE-2015-7740 2024-11-21 11:37 2017-04-13 Show GitHub Exploit DB Packet Storm
267954 8.8 HIGH
Network 		samsung galaxy_s6 SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript. CWE-20
 Improper Input Validation  		CVE-2015-7893 2024-11-21 11:37 2017-04-12 Show GitHub Exploit DB Packet Storm
267955 9.8 CRITICAL
Network 		botan_project botan botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by acc… CWE-295
Improper Certificate Validation  		CVE-2015-7826 2024-11-21 11:37 2017-04-11 Show GitHub Exploit DB Packet Storm
267956 7.5 HIGH
Network 		botan_project botan botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the cer… NVD-CWE-Other
CVE-2015-7825 2024-11-21 11:37 2017-04-11 Show GitHub Exploit DB Packet Storm
267957 7.5 HIGH
Network 		botan_project botan botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites. CWE-200
Information Exposure 		CVE-2015-7824 2024-11-21 11:37 2017-04-11 Show GitHub Exploit DB Packet Storm
267958 5.5 MEDIUM
Local 		huawei e3272s_firmware Huawei MBB (Mobile Broadband) product E3272s with software versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00 has a Denial of Service (DoS) vulnerability. An attacker could send a malicious … CWE-20
 Improper Input Validation  		CVE-2015-7847 2024-11-21 11:37 2017-04-3 Show GitHub Exploit DB Packet Storm
267959 7.5 HIGH
Network 		huawei fusionaccess Huawei FusionAccess with software V100R005C10,V100R005C20 could allow attackers to craft and send a malformed HDP protocol packet to cause the virtual cloud desktop to be displaying an error and not … CWE-20
 Improper Input Validation  		CVE-2015-7844 2024-11-21 11:37 2017-04-3 Show GitHub Exploit DB Packet Storm
267960 6.1 MEDIUM
Network 		icinga
opensuse_project
opensuse 		icinga
leap 		Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the… CWE-79
Cross-site Scripting 		CVE-2015-8010 2024-11-21 11:37 2017-03-28 Show GitHub Exploit DB Packet Storm