Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252141 5 警告 ProFTPD Project - ProFTPD の mod_sftp モジュールにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-1137 2011-04-27 11:59 2011-01-24 Show GitHub Exploit DB Packet Storm
252142 6.8 警告 IBM - IBM AIX の LDAP ログイン機能における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2011-1561 2011-04-27 11:57 2011-03-31 Show GitHub Exploit DB Packet Storm
252143 4.4 警告 ヒューレット・パッカード - HP HP-UX の OS-Core.CORE2-KRN ファイルセットにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-0891 2011-04-27 11:56 2011-03-23 Show GitHub Exploit DB Packet Storm
252144 1.9 注意 Gentoo Linux
レッドハット		 - logrotate の logrotate.c 内にある writeState 関数におけるサービス運用妨害 (ローテーションの停止) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1155 2011-04-27 11:41 2011-03-30 Show GitHub Exploit DB Packet Storm
252145 6.9 警告 Gentoo Linux
レッドハット		 - logrotate の shred_file 関数における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-1154 2011-04-27 11:40 2011-03-30 Show GitHub Exploit DB Packet Storm
252146 1.9 注意 Gentoo Linux
レッドハット		 - logrotate の createOutputFile 関数におけるログデータを閲覧される脆弱性 CWE-362
競合状態 		CVE-2011-1098 2011-04-27 11:39 2011-03-30 Show GitHub Exploit DB Packet Storm
252147 6.9 警告 サイバートラスト株式会社
libvirt.org
レッドハット		 - 複数のレッドハット製品などで利用される libvirt の libvirt.c における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1146 2011-04-27 11:34 2011-02-17 Show GitHub Exploit DB Packet Storm
252148 5.1 警告 rsync.samba.org
レッドハット		 - rsync における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-1097 2011-04-27 11:32 2011-03-26 Show GitHub Exploit DB Packet Storm
252149 6.9 警告 GNOME Project
レッドハット		 - GNOME Display Manager におけるファイルの所有権を変更される脆弱性 CWE-59
リンク解釈の問題 		CVE-2011-0727 2011-04-27 11:31 2011-03-28 Show GitHub Exploit DB Packet Storm
252150 7.5 危険 レッドハット - Plone における管理者のアクセス権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2011-0720 2011-04-27 11:30 2011-02-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266391 6.1 MEDIUM
Network 		devpups social_pug The "Social Pug - Easy Social Share Buttons" plugin before 1.2.6 for WordPress allows XSS via the wp-admin/admin.php?page=dpsp-toolkit dpsp_message_class parameter. CWE-79
Cross-site Scripting 		CVE-2016-10736 2024-11-21 11:44 2019-01-10 Show GitHub Exploit DB Packet Storm
266392 6.1 MEDIUM
Network 		getbootstrap bootstrap In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. CWE-79
Cross-site Scripting 		CVE-2016-10735 2024-11-21 11:44 2019-01-9 Show GitHub Exploit DB Packet Storm
266393 9.8 CRITICAL
Network 		qualcomm mdm9206_firmware
mdm9607_firmware
mdm9650_firmware
sd_210_firmware
sd_212_firmware
sd_205_firmware
sd_835_firmware
sda660_firmware 		While generating trusted application id, An integer overflow can occur giving the trusted application an invalid identity in Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM965… CWE-190
 Integer Overflow or Wraparound 		CVE-2016-10502 2024-11-21 11:44 2018-12-10 Show GitHub Exploit DB Packet Storm
266394 9.8 CRITICAL
Network 		projectsend projectsend ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php. CWE-285
Improper Authorization 		CVE-2016-10734 2024-11-21 11:44 2018-10-29 Show GitHub Exploit DB Packet Storm
266395 9.8 CRITICAL
Network 		projectsend projectsend ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip-download.php query string. CWE-22
Path Traversal 		CVE-2016-10733 2024-11-21 11:44 2018-10-29 Show GitHub Exploit DB Packet Storm
266396 9.8 CRITICAL
Network 		projectsend projectsend ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to user… CWE-287
Improper Authentication 		CVE-2016-10732 2024-11-21 11:44 2018-10-29 Show GitHub Exploit DB Packet Storm
266397 9.8 CRITICAL
Network 		projectsend projectsend ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter… CWE-89
SQL Injection 		CVE-2016-10731 2024-11-21 11:44 2018-10-29 Show GitHub Exploit DB Packet Storm
266398 7.8 HIGH
Local 		zmanda
redhat 		amanda
enterprise_linux 		An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users direct… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-10730 2024-11-21 11:44 2018-10-25 Show GitHub Exploit DB Packet Storm
266399 7.8 HIGH
Local 		zmanda
redhat
debian 		amanda
enterprise_linux
debian_linux 		An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied… CWE-77
Command Injection 		CVE-2016-10729 2024-11-21 11:44 2018-10-25 Show GitHub Exploit DB Packet Storm
266400 5.3 MEDIUM
Network 		suricata-ids suricata An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it confuses the rule grouping lookup logic. The tocli… CWE-20
 Improper Input Validation  		CVE-2016-10728 2024-11-21 11:44 2018-07-24 Show GitHub Exploit DB Packet Storm