Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252171 7.2 危険 VMware - 複数の VMware 製品の vmware-mount における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4296 2010-12-27 15:38 2010-12-2 Show GitHub Exploit DB Packet Storm
252172 6.9 警告 VMware - 複数の VMware 製品の vmware-mount における権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-4295 2010-12-27 15:36 2010-12-2 Show GitHub Exploit DB Packet Storm
252173 9.3 危険 VMware - 複数の VMware 製品の VMnc メディアコーデック内にあるフレーム復元機能における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4294 2010-12-27 15:33 2010-12-2 Show GitHub Exploit DB Packet Storm
252174 2.1 注意 アップル - Windows 上で稼働する Apple QuickTime における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0530 2010-12-27 15:07 2010-12-9 Show GitHub Exploit DB Packet Storm
252175 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1508 2010-12-27 15:06 2010-12-9 Show GitHub Exploit DB Packet Storm
252176 9.3 危険 アップル - Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-3800 2010-12-27 14:59 2010-12-9 Show GitHub Exploit DB Packet Storm
252177 9.3 危険 マイクロソフト - Microsoft Internet Explorer における無効なフラグ参照に起因する脆弱性 CWE-399
リソース管理の問題 		CVE-2010-3962 2010-12-27 14:36 2010-11-4 Show GitHub Exploit DB Packet Storm
252178 10 危険 CA Technologies - CA PSFormX および CA WebScan ActiveX コントロールにおける任意のコードを実行される脆弱性 CWE-20
CWE-noinfo
CVE-2010-2193 2010-12-27 11:49 2010-06-8 Show GitHub Exploit DB Packet Storm
252179 2.6 注意 CA Technologies - CA eHealth Performance Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0640 2010-12-27 11:44 2010-02-24 Show GitHub Exploit DB Packet Storm
252180 9.3 危険 CA Technologies - CA eTrust PestPatrol の PestPatrol ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4225 2010-12-27 11:41 2009-12-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
306011 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: bpf: fix overflow check in adjust_jmp_off() adjust_jmp_off() incorrectly used the insn->imm field for all overflow check, which i… CWE-190
 Integer Overflow or Wraparound 		CVE-2024-43838 2024-10-30 01:24 2024-08-17 Show GitHub Exploit DB Packet Storm
306012 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free When calling ext4_force_split_extent_at() in ext4_ext_repl… CWE-415
 Double Free 		CVE-2024-49983 2024-10-30 01:23 2024-10-22 Show GitHub Exploit DB Packet Storm
306013 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in t… CWE-787
 Out-of-bounds Write 		CVE-2024-49984 2024-10-30 01:22 2024-10-22 Show GitHub Exploit DB Packet Storm
306014 6.1 MEDIUM
Network 		rollupjs rollup Rollup is a module bundler for JavaScript. Versions prior to 2.79.2, 3.29.5, and 4.22.4 are susceptible to a DOM Clobbering vulnerability when bundling scripts with properties from `import.meta` (e.g… CWE-79
Cross-site Scripting 		CVE-2024-47068 2024-10-30 01:15 2024-09-24 Show GitHub Exploit DB Packet Storm
306015 4.8 MEDIUM
Network 		aftabhusain category_and_taxonomy_meta_fields The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image meta field value in the 'wpaft_add_meta_textinput' function in versions up to, an… CWE-79
Cross-site Scripting 		CVE-2024-9590 2024-10-30 01:07 2024-10-22 Show GitHub Exploit DB Packet Storm
306016 4.8 MEDIUM
Network 		aftabhusain category_and_taxonomy_meta_fields The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'new_meta_name' parameter in the 'wpaft_option_page' function in versions up to, and in… CWE-79
Cross-site Scripting 		CVE-2024-9589 2024-10-30 01:07 2024-10-22 Show GitHub Exploit DB Packet Storm
306017 4.8 MEDIUM
Network 		aftabhusain category_and_taxonomy_image The Category and Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_category_image' parameter in versions up to, and including, 1.0.0 due to insufficient input… CWE-79
Cross-site Scripting 		CVE-2024-9591 2024-10-30 01:04 2024-10-22 Show GitHub Exploit DB Packet Storm
306018 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN401 'stream_enc_regs' array is an array of dcn10_stream… CWE-129
 Improper Validation of Array Index 		CVE-2024-49970 2024-10-30 00:57 2024-10-22 Show GitHub Exploit DB Packet Storm
306019 9.1 CRITICAL
Network 		openrefine butterfly The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resour… CWE-22
Path Traversal 		CVE-2024-47883 2024-10-30 00:38 2024-10-25 Show GitHub Exploit DB Packet Storm
306020 - - - HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this… - CVE-2024-30124 2024-10-30 00:35 2024-10-24 Show GitHub Exploit DB Packet Storm