Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252061 7.5 危険 NeoJoomla - Joomla! 用 NeoRecruit コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4995 2011-12-9 14:23 2011-11-1 Show GitHub Exploit DB Packet Storm
252062 7.5 危険 esoftpro - esoftpro Online Guestbook Pro の ogp_show.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4996 2011-12-9 14:22 2011-11-1 Show GitHub Exploit DB Packet Storm
252063 7.5 危険 esoftpro - esoftpro Online Photo Pro の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4999 2011-12-9 14:21 2011-11-1 Show GitHub Exploit DB Packet Storm
252064 7.5 危険 esoftpro - esoftpro Online Contact Manager の view.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5001 2011-12-9 14:21 2011-11-1 Show GitHub Exploit DB Packet Storm
252065 4.3 警告 Exponent CMS project - Exponent CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-5002 2011-12-9 14:20 2011-11-1 Show GitHub Exploit DB Packet Storm
252066 7.5 危険 Autartica - Joomla! 用 の AutarTimonial コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5003 2011-12-9 14:20 2011-11-1 Show GitHub Exploit DB Packet Storm
252067 4.3 警告 VideoWhisper.com - VideoWhisper PHP 2 Way Video Chat コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4971 2011-12-9 14:19 2011-11-2 Show GitHub Exploit DB Packet Storm
252068 7.5 危険 OlyKit - OlyKit Swoopo Clone 2010 の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4997 2011-12-9 14:18 2011-11-2 Show GitHub Exploit DB Packet Storm
252069 7.5 危険 Maulana Al Matien - ardeaCore PHP Framework におけるリモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4998 2011-12-9 14:18 2011-11-2 Show GitHub Exploit DB Packet Storm
252070 7.5 危険 Joe Pieruccini - MCLogin System の login/login_index.php におけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-5000 2011-12-9 14:17 2011-11-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
265741 8.8 HIGH
Network 		opensuse
roundcube 		leap
webmail 		Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a deni… CWE-352
 Origin Validation Error 		CVE-2016-4069 2024-11-21 11:51 2016-08-26 Show GitHub Exploit DB Packet Storm
265742 9.8 CRITICAL
Network 		adobe acrobat
acrobat_dc
acrobat_reader_dc
reader 		Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attacker… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-4119 2024-11-21 11:51 2016-08-27 Show GitHub Exploit DB Packet Storm
265743 6.5 MEDIUM
Network 		broadcom fabric_operating_system HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors. CWE-254
 7PK - Security Features 		CVE-2016-4376 2024-11-21 11:51 2016-08-22 Show GitHub Exploit DB Packet Storm
265744 8.1 HIGH
Network 		hp sizing_tool_for_sap_business_suite_powered_by_hana
sap_sizing_tool
insight_management_sizer
storage_sizing_tool
sizer_for_microsoft_sharepoint_2013
sizer_for_microsoft_lync_server_2013… 		HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy … NVD-CWE-noinfo
CVE-2016-4377 2024-11-21 11:51 2016-08-22 Show GitHub Exploit DB Packet Storm
265745 5.3 MEDIUM
Network 		adobe experience_manager The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors. CWE-200
Information Exposure 		CVE-2016-4253 2024-11-21 11:51 2016-08-10 Show GitHub Exploit DB Packet Storm
265746 6.1 MEDIUM
Network 		adobe experience_manager Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2016-4170 2024-11-21 11:51 2016-08-10 Show GitHub Exploit DB Packet Storm
265747 5.3 MEDIUM
Network 		adobe experience_manager Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain sensitive audit log event information via unspecified vectors. CWE-200
Information Exposure 		CVE-2016-4169 2024-11-21 11:51 2016-08-10 Show GitHub Exploit DB Packet Storm
265748 6.1 MEDIUM
Network 		adobe experience_manager Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2016-4168 2024-11-21 11:51 2016-08-10 Show GitHub Exploit DB Packet Storm
265749 7.7 HIGH
Network 		hp release_control HPE Release Control (RC) 9.13, 9.20, and 9.21 before 9.21.0005 p4 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and consequently obtain sensitive informatio… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2016-4374 2024-11-21 11:51 2016-08-8 Show GitHub Exploit DB Packet Storm
265750 8.6 HIGH
Network 		wordpress
debian 		wordpress
debian_linux 		WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2016-4029 2024-11-21 11:51 2016-08-8 Show GitHub Exploit DB Packet Storm