Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252171	7.2	危険	VMware	-	複数の VMware 製品の vmware-mount における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-4296	2010-12-27 15:38	2010-12-2	Show	GitHub Exploit DB Packet Storm

252172	6.9	警告	VMware	-	複数の VMware 製品の vmware-mount における権限昇格の脆弱性	CWE-362 競合状態	CVE-2010-4295	2010-12-27 15:36	2010-12-2	Show	GitHub Exploit DB Packet Storm

252173	9.3	危険	VMware	-	複数の VMware 製品の VMnc メディアコーデック内にあるフレーム復元機能における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-4294	2010-12-27 15:33	2010-12-2	Show	GitHub Exploit DB Packet Storm

252174	2.1	注意	アップル	-	Windows 上で稼働する Apple QuickTime における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0530	2010-12-27 15:07	2010-12-9	Show	GitHub Exploit DB Packet Storm

252175	9.3	危険	アップル	-	Windows 上で稼働する Apple QuickTime におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1508	2010-12-27 15:06	2010-12-9	Show	GitHub Exploit DB Packet Storm

252176	9.3	危険	アップル	-	Apple QuickTime における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-3800	2010-12-27 14:59	2010-12-9	Show	GitHub Exploit DB Packet Storm

252177	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における無効なフラグ参照に起因する脆弱性	CWE-399 リソース管理の問題	CVE-2010-3962	2010-12-27 14:36	2010-11-4	Show	GitHub Exploit DB Packet Storm

252178	10	危険	CA Technologies	-	CA PSFormX および CA WebScan ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-20 CWE-noinfo	CVE-2010-2193	2010-12-27 11:49	2010-06-8	Show	GitHub Exploit DB Packet Storm

252179	2.6	注意	CA Technologies	-	CA eHealth Performance Manager におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0640	2010-12-27 11:44	2010-02-24	Show	GitHub Exploit DB Packet Storm

252180	9.3	危険	CA Technologies	-	CA eTrust PestPatrol の PestPatrol ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-4225	2010-12-27 11:41	2009-12-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266911	5.4	MEDIUM Network	bedita	bedita	An issue was discovered in BEdita before 3.7.0. A cross-site scripting (XSS) attack occurs via a crafted pages/showObjects URI, as demonstrated by appending a payload to a pages/showObjects/2/0/0/lea…	CWE-79 Cross-site Scripting	CVE-2015-9260	2024-11-21 11:40	2018-07-5	Show	GitHub Exploit DB Packet Storm

266912	7.5	HIGH Network	ansi2html_project	ansi2html	ansi2html is vulnerable to regular expression denial of service (ReDoS) when certain types of user input is passed in.	CWE-20 Improper Input Validation	CVE-2015-9239	2024-11-21 11:40	2018-06-1	Show	GitHub Exploit DB Packet Storm

266913	5.3	MEDIUM Network	secure-compare_project	secure-compare	secure-compare 3.0.0 and below do not actually compare two strings properly. compare was actually comparing the first argument with itself, meaning the check passed for any two strings of the same le…	CWE-134 Use of Externally-Controlled Format String	CVE-2015-9238	2024-11-21 11:40	2018-06-1	Show	GitHub Exploit DB Packet Storm

266914	5.3	MEDIUM Network	hapijs	hapi	Hapi versions less than 11.0.0 implement CORS incorrectly and allowed for configurations that at best returned inconsistent headers and at worst allowed cross-origin activities that were expected to …	CWE-200 Information Exposure	CVE-2015-9236	2024-11-21 11:40	2018-06-1	Show	GitHub Exploit DB Packet Storm

266915	9.8	CRITICAL Network	mysqljs	mysql	Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with `mysql.escape()` which could lead to SQL Injection.	CWE-89 SQL Injection	CVE-2015-9244	2024-11-21 11:40	2018-05-30	Show	GitHub Exploit DB Packet Storm

266916	5.9	MEDIUM Network	hapijs	hapi	When server level, connection level or route level CORS configurations in hapi node module before 11.1.4 are combined and when a higher level config included security restrictions (like origin), a hi…	CWE-254 7PK - Security Features	CVE-2015-9243	2024-11-21 11:40	2018-05-30	Show	GitHub Exploit DB Packet Storm

266917	7.5	HIGH Network	ecstatic_project	ecstatic	Certain input strings when passed to new Date() or Date.parse() in ecstatic node module before 1.4.0 will cause v8 to raise an exception. This leads to a crash and denial of service in ecstatic when …	CWE-20 Improper Input Validation	CVE-2015-9242	2024-11-21 11:40	2018-05-30	Show	GitHub Exploit DB Packet Storm

266918	7.5	HIGH Network	hapijs	hapi	Certain input passed into the If-Modified-Since or Last-Modified headers will cause an 'illegal access' exception to be raised. Instead of sending a HTTP 500 error back to the sender, hapi node modul…	CWE-20 Improper Input Validation	CVE-2015-9241	2024-11-21 11:40	2018-05-30	Show	GitHub Exploit DB Packet Storm

266919	7.5	HIGH Network	keystonejs	keystone	Due to a bug in the the default sign in functionality in the keystone node module before 0.3.16, incomplete email addresses could be matched. A correct password is still required to complete sign in.	CWE-255 Credentials Management	CVE-2015-9240	2024-11-21 11:40	2018-05-30	Show	GitHub Exploit DB Packet Storm

266920	9.8	CRITICAL Network	auth0	jsonwebtoken	In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attack…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2015-9235	2024-11-21 11:40	2018-05-30	Show	GitHub Exploit DB Packet Storm