Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252221	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0176	2010-12-21 16:06	2010-03-30	Show	GitHub Exploit DB Packet Storm

252222	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の nsTreeSelection の実装における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0175	2010-12-21 16:02	2010-03-30	Show	GitHub Exploit DB Packet Storm

252223	10	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-0174	2010-12-21 16:01	2010-03-30	Show	GitHub Exploit DB Packet Storm

252224	9.3	危険	Mozilla Foundation オラクル	-	複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-0173	2010-12-21 16:00	2010-03-30	Show	GitHub Exploit DB Packet Storm

252225	4.3	警告	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	Mozilla Thunderbird/SeaMonkey における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2010-0163	2010-12-21 15:59	2010-03-16	Show	GitHub Exploit DB Packet Storm

252226	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash に脆弱性	CWE-noinfo 情報不足	CVE-2010-2884	2010-12-21 15:57	2010-09-15	Show	GitHub Exploit DB Packet Storm

252227	6.9	警告	CVS レッドハット	-	CVS の rcs.c 内にある apply_rcs_change 関数における権限昇格の脆弱性	CWE-119 バッファエラー	CVE-2010-3846	2010-12-21 15:30	2010-11-5	Show	GitHub Exploit DB Packet Storm

252228	10	危険	RealFlex Technologies	-	RealFlex RealWin HMI サービスにバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4142	2010-12-21 15:25	2010-11-22	Show	GitHub Exploit DB Packet Storm

252229	4.3	警告	Webmin Project オラクル	-	Webmin および Usermin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4568	2010-12-21 15:14	2010-01-5	Show	GitHub Exploit DB Packet Storm

252230	6.8	警告	富士通	-	Interstage Application Server における許可されていない IP アドレスからのリクエストのアクセスを許可する脆弱性	CWE-noinfo 情報不足	-	2010-12-21 14:14	2010-11-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
271801	-	xml-libxml_project canonical debian fedoraproject opensuse	xml-libxml ubuntu_linux debian_linux fedora opensuse	The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to t…	CWE-611 XXE	CVE-2015-3451	2024-11-21 11:29	2015-05-13	Show	GitHub Exploit DB Packet Storm

271802	-	thekelleys oracle	dnsmasq solaris	The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of se…	CWE-19 Data Processing Errors	CVE-2015-3294	2024-11-21 11:29	2015-05-8	Show	GitHub Exploit DB Packet Storm

271803	-	siemens	homecontrol_for_room_automation	The Siemens HomeControl for Room Automation application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obt…	CWE-310 Cryptographic Issues	CVE-2015-3610	2024-11-21 11:29	2015-05-7	Show	GitHub Exploit DB Packet Storm

271804	-	foxitsoftware	enterprise_reader foxit_reader phantompdf	Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-3633	2024-11-21 11:29	2015-05-2	Show	GitHub Exploit DB Packet Storm

271805	-	foxitsoftware	enterprise_reader phantompdf foxit_reader	Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-3632	2024-11-21 11:29	2015-05-2	Show	GitHub Exploit DB Packet Storm

271806	-	alienvault	unified_security_management	The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file (.cfg).	CWE-94 Code Injection	CVE-2015-3446	2024-11-21 11:29	2015-05-2	Show	GitHub Exploit DB Packet Storm

271807	-	samsung	samsung_security_manager	Samsung Security Manager (SSM) before 1.31 allows remote attackers to execute arbitrary code by uploading a file with an HTTP (1) PUT or (2) MOVE request.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-3435	2024-11-21 11:29	2015-05-2	Show	GitHub Exploit DB Packet Storm

271808	-	elasticsearch	elasticsearch	Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.	CWE-22 Path Traversal	CVE-2015-3337	2024-11-21 11:29	2015-05-2	Show	GitHub Exploit DB Packet Storm

271809	-	hospira	lifecare_pcainfusion_firmware lifecare_pca3 lifecare_pca5	The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuratio…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-3459	2024-11-21 11:29	2015-04-30	Show	GitHub Exploit DB Packet Storm

271810	-	magento	magento	The fetchView function in the Mage_Core_Block_Template_Zend class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 does not restrict the stream wrapper used in a templat…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-3458	2024-11-21 11:29	2015-04-30	Show	GitHub Exploit DB Packet Storm