Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252061	7.5	危険	NeoJoomla	-	Joomla! 用 NeoRecruit コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4995	2011-12-9 14:23	2011-11-1	Show	GitHub Exploit DB Packet Storm

252062	7.5	危険	esoftpro	-	esoftpro Online Guestbook Pro の ogp_show.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4996	2011-12-9 14:22	2011-11-1	Show	GitHub Exploit DB Packet Storm

252063	7.5	危険	esoftpro	-	esoftpro Online Photo Pro の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4999	2011-12-9 14:21	2011-11-1	Show	GitHub Exploit DB Packet Storm

252064	7.5	危険	esoftpro	-	esoftpro Online Contact Manager の view.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5001	2011-12-9 14:21	2011-11-1	Show	GitHub Exploit DB Packet Storm

252065	4.3	警告	Exponent CMS project	-	Exponent CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5002	2011-12-9 14:20	2011-11-1	Show	GitHub Exploit DB Packet Storm

252066	7.5	危険	Autartica	-	Joomla! 用の AutarTimonial コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5003	2011-12-9 14:20	2011-11-1	Show	GitHub Exploit DB Packet Storm

252067	4.3	警告	VideoWhisper.com	-	VideoWhisper PHP 2 Way Video Chat コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4971	2011-12-9 14:19	2011-11-2	Show	GitHub Exploit DB Packet Storm

252068	7.5	危険	OlyKit	-	OlyKit Swoopo Clone 2010 の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4997	2011-12-9 14:18	2011-11-2	Show	GitHub Exploit DB Packet Storm

252069	7.5	危険	Maulana Al Matien	-	ardeaCore PHP Framework におけるリモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2010-4998	2011-12-9 14:18	2011-11-2	Show	GitHub Exploit DB Packet Storm

252070	7.5	危険	Joe Pieruccini	-	MCLogin System の login/login_index.php におけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5000	2011-12-9 14:17	2011-11-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
265731	7.5	HIGH Network	fedoraproject pgpdump_project	fedora pgpdump	The read_binary function in buffer.c in pgpdump before 0.30 allows context-dependent attackers to cause a denial of service (infinite loop and CPU consumption) via crafted input, as demonstrated by t…	CWE-399 Resource Management Errors	CVE-2016-4021	2024-11-21 11:51	2016-05-26	Show	GitHub Exploit DB Packet Storm

265732	6.5	MEDIUM Local	qemu canonical debian redhat	qemu ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server openstack enterprise_linux_server_aus enterprise_linux_eus ente…	The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory …	NVD-CWE-noinfo	CVE-2016-4020	2024-11-21 11:51	2016-05-26	Show	GitHub Exploit DB Packet Storm

265733	8.1	HIGH Network	huawei	s12700_firmware s5700_firmware	Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010, when the debug switch is enabled, allows remote attackers to cause a denial of se…	CWE-20 Improper Input Validation	CVE-2016-4087	2024-11-21 11:51	2016-05-24	Show	GitHub Exploit DB Packet Storm

265734	7.5	HIGH Network	quagga opensuse	quagga leap opensuse	The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and d…	CWE-20 Improper Input Validation	CVE-2016-4049	2024-11-21 11:51	2016-05-24	Show	GitHub Exploit DB Packet Storm

265735	6.0	MEDIUM Local	fedoraproject canonical qemu debian	fedora ubuntu_linux qemu debian_linux	The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous tra…	CWE-400 Uncontrolled Resource Consumption	CVE-2016-4037	2024-11-21 11:51	2016-05-24	Show	GitHub Exploit DB Packet Storm

265736	8.6	HIGH Network	qemu canonical fedoraproject debian	qemu ubuntu_linux fedora debian_linux	Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cau…	CWE-120 Classic Buffer Overflow	CVE-2016-4001	2024-11-21 11:51	2016-05-24	Show	GitHub Exploit DB Packet Storm

265737	7.5	HIGH Network	opensuse golang fedoraproject	leap go fedora	The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a …	CWE-20 Improper Input Validation	CVE-2016-3959	2024-11-21 11:51	2016-05-24	Show	GitHub Exploit DB Packet Storm

265738	7.8	HIGH Local	golang	go	Untrusted search path vulnerability in Go before 1.5.4 and 1.6.x before 1.6.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, related to use …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-3958	2024-11-21 11:51	2016-05-24	Show	GitHub Exploit DB Packet Storm

265739	9.8	CRITICAL Network	php opensuse	php leap opensuse	Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string,…	CWE-190 Integer Overflow or Wraparound	CVE-2016-4346	2024-11-21 11:51	2016-05-22	Show	GitHub Exploit DB Packet Storm

265740	9.8	CRITICAL Network	php	php	Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other i…	CWE-190 Integer Overflow or Wraparound	CVE-2016-4345	2024-11-21 11:51	2016-05-22	Show	GitHub Exploit DB Packet Storm