Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252211	10	危険	ターボリナックス ProFTPD Project	-	ProFTPD の pr_netio_telnet_get 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4221	2010-12-22 15:20	2010-10-29	Show	GitHub Exploit DB Packet Storm

252212	7.1	危険	サイバートラスト株式会社 ProFTPD Project ターボリナックス	-	ProFTPD の mod_site_misc モジュールにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-3867	2010-12-22 15:19	2010-10-29	Show	GitHub Exploit DB Packet Storm

252213	9.3	危険	Mozilla Foundation オラクル	-	複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3174	2010-12-22 15:16	2010-10-19	Show	GitHub Exploit DB Packet Storm

252214	4.3	警告	Mozilla Foundation オラクル	-	複数の Mozilla 製品の SafeJSObjectWrapper 実装における同一生成元ポリシーを回避される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2763	2010-12-22 15:15	2010-09-7	Show	GitHub Exploit DB Packet Storm

252215	4.3	警告	ISC, Inc. レッドハット	-	ISC DHCP サーバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2010-3611	2010-12-22 14:25	2010-11-2	Show	GitHub Exploit DB Packet Storm

252216	5	警告	Wireshark	-	Wireshark の ZigBee ZCL 解析部の epan/dissectors/packet-zbee-zcl.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4301	2010-12-22 14:20	2010-11-18	Show	GitHub Exploit DB Packet Storm

252217	4.3	警告	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品におけるクロスサイトスクリプティングを誘導される脆弱性	CWE-20 不適切な入力確認	CVE-2010-1210	2010-12-21 16:14	2010-07-20	Show	GitHub Exploit DB Packet Storm

252218	4.3	警告	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の XMLDocument::load 関数におけるアクセス制限を回避される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0182	2010-12-21 16:11	2010-03-30	Show	GitHub Exploit DB Packet Storm

252219	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	Mozilla Firefox/SeaMonkey における任意の JavaScript を実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0179	2010-12-21 16:10	2010-03-30	Show	GitHub Exploit DB Packet Storm

252220	7.6	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	Mozilla Firefox/SeaMonkey における任意の JavaScript を実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0178	2010-12-21 16:09	2010-03-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
250431	5.9	MEDIUM Network	microsoft horde flipdogsolutions r2mail2 apple bloop freron mozilla emclient postbox-inc roundcube	outlook horde_imp maildroid r2mail2 mail airmail mailmate thunderbird emclient postbox webmail	The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a probl…	NVD-CWE-noinfo	CVE-2017-17688	2024-11-21 12:18	2018-05-17	Show	GitHub Exploit DB Packet Storm

250432	9.8	CRITICAL Network	fortinet	fortiwlc	The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized read/write access via a remote shell.	CWE-798 Use of Hard-coded Credentials	CVE-2017-17540	2024-11-21 12:18	2018-05-8	Show	GitHub Exploit DB Packet Storm

250433	9.8	CRITICAL Network	fortinet	fortiwlc	The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain unauthorized read/write access via a remote shell.	CWE-798 Use of Hard-coded Credentials	CVE-2017-17539	2024-11-21 12:18	2018-05-8	Show	GitHub Exploit DB Packet Storm

250434	7.5	HIGH Network	fortinet	forticlient forticlient_sslvpn_client	Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Clie…	CWE-326 Inadequate Encryption Strength	CVE-2017-17543	2024-11-21 12:18	2018-04-27	Show	GitHub Exploit DB Packet Storm

250435	8.8	HIGH Network	foxitsoftware	phantompdf foxit_reader	In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP files. The issue results from the lack of proper validation of the b…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-17557	2024-11-21 12:18	2018-04-25	Show	GitHub Exploit DB Packet Storm

250436	9.8	CRITICAL Network	openslp debian canonical redhat lenovo	openslp debian_linux ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterpr…	OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-17833	2024-11-21 12:18	2018-04-24	Show	GitHub Exploit DB Packet Storm

250437	9.8	CRITICAL Network	kliqqi	kliqqi_cms	SQL Injection exists in Kliqqi CMS 3.5.2 via the randkey parameter of a new story at the pligg/story.php?title= URI.	CWE-89 SQL Injection	CVE-2017-17902	2024-11-21 12:18	2018-04-23	Show	GitHub Exploit DB Packet Storm

250438	5.4	MEDIUM Network	kliqqi	kliqqi_cms	Kliqqi CMS 3.5.2 has XSS via a crafted group name in pligg/groups.php, a crafted Homepage string in a profile, or a crafted string in Tags or Description within pligg/submit.php.	CWE-79 Cross-site Scripting	CVE-2017-17889	2024-11-21 12:18	2018-04-23	Show	GitHub Exploit DB Packet Storm

250439	5.3	MEDIUM Network	ruby-lang debian	ruby debian_linux	Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTT…	CWE-113 HTTP Response Splitting	CVE-2017-17742	2024-11-21 12:18	2018-04-4	Show	GitHub Exploit DB Packet Storm

250440	7.8	HIGH Local	google	android	In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in a power driver ioctl handler, an …	CWE-476 NULL Pointer Dereference	CVE-2017-17770	2024-11-21 12:18	2018-04-4	Show	GitHub Exploit DB Packet Storm