Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252191	10	危険	CA Technologies	-	複数の CA 製品の Arclib library におけるウィルス検知を回避される脆弱性	CWE-DesignError CWE-noinfo	CVE-2009-0042	2010-12-27 10:30	2009-01-26	Show	GitHub Exploit DB Packet Storm

252192	9.3	危険	アドビシステムズ	-	Adobe Illustrator における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2010-3152	2010-12-24 16:16	2010-12-3	Show	GitHub Exploit DB Packet Storm

252193	-	-	Laurent Destailleur	-	AWStats に脆弱性	-	-	2010-12-24 16:06	2010-12-1	Show	GitHub Exploit DB Packet Storm

252194	5	警告	ISC, Inc.	-	ISC BIND named の allow-query の処理における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3615	2010-12-24 16:01	2010-12-2	Show	GitHub Exploit DB Packet Storm

252195	9.3	危険	CA Technologies	-	CA eTrust Antivirus における HTML ドキュメント内のマルウェアの検出を回避される脆弱性	CWE-20 不適切な入力確認	CVE-2008-5529	2010-12-24 11:50	2008-12-12	Show	GitHub Exploit DB Packet Storm

252196	10	危険	CA Technologies	-	Windows 上で稼働する CA ARCserve Backup の LDBserver サービスにおける任意のコードを実行される脆弱性	CWE-DesignError	CVE-2008-5415	2010-12-24 11:50	2008-12-10	Show	GitHub Exploit DB Packet Storm

252197	5	警告	CA Technologies	-	CA ARCserve Backup の asdbapi.dll におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-4400	2010-12-24 11:48	2008-10-9	Show	GitHub Exploit DB Packet Storm

252198	5	警告	CA Technologies	-	CA ARCserve Backup の asdbapi.dll のデータベースエンジンサービスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2008-4399	2010-12-24 11:48	2008-10-9	Show	GitHub Exploit DB Packet Storm

252199	5	警告	CA Technologies	-	CA ARCserve Backup の asdbapi.dll のテープエンジンサービスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 CWE-noinfo	CVE-2008-4398	2010-12-24 11:47	2008-10-9	Show	GitHub Exploit DB Packet Storm

252200	10	危険	CA Technologies	-	CA ARCserve Backup の RPC インターフェイスにおけるディレクトリトラバーサルの脆弱性	CWE-20 CWE-22	CVE-2008-4397	2010-12-24 11:47	2008-10-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
271091	-	milw0rm_project	milw0rm_clone_script	SQL injection vulnerability in related.php in Milw0rm Clone Script 1.0 allows remote attackers to execute arbitrary SQL commands via the program parameter.	CWE-89 SQL Injection	CVE-2015-4137	2024-11-21 11:30	2015-05-29	Show	GitHub Exploit DB Packet Storm

271092	-	roomcloud	roomcloud	Multiple cross-site scripting (XSS) vulnerabilities in roomcloud.php in the Roomcloud plugin before 1.3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) pin, (2…	CWE-79 Cross-site Scripting	CVE-2015-3904	2024-11-21 11:30	2015-05-29	Show	GitHub Exploit DB Packet Storm

271093	-	phpwind	phpwind	Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 allows remote attackers to inject arbitrary web script or HTML via the url parameter.	CWE-79 Cross-site Scripting	CVE-2015-4135	2024-11-21 11:30	2015-05-28	Show	GitHub Exploit DB Packet Storm

271094	-	phpwind	phpwind	Open redirect vulnerability in goto.php in phpwind 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.	NVD-CWE-Other	CVE-2015-4134	2024-11-21 11:30	2015-05-28	Show	GitHub Exploit DB Packet Storm

271095	-	reflex_gallery_project	reflex_gallery	Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading…	NVD-CWE-Other	CVE-2015-4133	2024-11-21 11:30	2015-05-28	Show	GitHub Exploit DB Packet Storm

271096	-	arubanetworks	clearpass_policy_manager	Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote administrators to inject arbitrary web script or HTML via unspecified v…	CWE-79 Cross-site Scripting	CVE-2015-4132	2024-11-21 11:30	2015-05-28	Show	GitHub Exploit DB Packet Storm

271097	-	church_admin_project	church_admin	Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML via the address parameter, as demonstrate…	CWE-79 Cross-site Scripting	CVE-2015-4127	2024-11-21 11:30	2015-05-28	Show	GitHub Exploit DB Packet Storm

271098	-	free-counter	free_counter	Cross-site scripting (XSS) vulnerability in the Free Counter plugin 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the value_ parameter in a check_stat action to…	CWE-79 Cross-site Scripting	CVE-2015-4084	2024-11-21 11:30	2015-05-28	Show	GitHub Exploit DB Packet Storm

271099	-	tri	gigpress	Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) show_arti…	CWE-89 SQL Injection	CVE-2015-4066	2024-11-21 11:30	2015-05-28	Show	GitHub Exploit DB Packet Storm

271100	-	landing_pages_project	landing_pages	Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web s…	CWE-79 Cross-site Scripting	CVE-2015-4065	2024-11-21 11:30	2015-05-28	Show	GitHub Exploit DB Packet Storm