Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 2:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252381	5	警告	Wireshark	-	Wireshark の ASN.1 BER 解析部におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0445	2011-02-4 14:09	2011-01-11	Show	GitHub Exploit DB Packet Storm

252382	6.9	警告	サイバートラスト株式会社 Python Software Foundation レッドハット	-	Python の PySys_SetArgv API 関数における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2008-5983	2011-02-4 13:58	2009-04-14	Show	GitHub Exploit DB Packet Storm

252383	2.6	注意	サイバートラスト株式会社 FastJar レッドハット	-	FastJar の jartool.c 内にある extract_jar 関数におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-2322	2011-02-3 14:55	2010-06-18	Show	GitHub Exploit DB Packet Storm

252384	5.8	警告	サイバートラスト株式会社 FastJar レッドハット	-	FastJar の jartool.c 内にある extract_jar 関数におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0831	2011-02-3 14:52	2010-06-18	Show	GitHub Exploit DB Packet Storm

252385	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3652	2011-02-2 15:07	2010-11-4	Show	GitHub Exploit DB Packet Storm

252386	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3650	2011-02-2 15:06	2010-11-4	Show	GitHub Exploit DB Packet Storm

252387	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3649	2011-02-2 15:06	2010-11-4	Show	GitHub Exploit DB Packet Storm

252388	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3648	2011-02-2 15:06	2010-11-4	Show	GitHub Exploit DB Packet Storm

252389	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3647	2011-02-2 15:05	2010-11-4	Show	GitHub Exploit DB Packet Storm

252390	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3646	2011-02-2 15:05	2010-11-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
289921	-	openssl oracle polarssl	openssl openjdk polarssl	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirem…	CWE-310 Cryptographic Issues	CVE-2013-0169	2024-11-21 10:46	2013-02-9	Show	GitHub Exploit DB Packet Storm

289922	-	openssl redhat	openssl	OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service …	CWE-310 Cryptographic Issues	CVE-2013-0166	2024-11-21 10:46	2013-02-9	Show	GitHub Exploit DB Packet Storm

289923	-	ibm	sterling_connect	The Session Manager in IBM Sterling Connect:Direct through 4.1.0.3 on UNIX allows remote attackers to cause a denial of service (daemon crash and disk consumption) via crafted data.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-6352	2024-11-21 10:46	2013-02-3	Show	GitHub Exploit DB Packet Storm

289924	-	ibm	cognos_tm1	Cross-site scripting (XSS) vulnerability in the Web component in IBM Cognos TM1 before 9.5.2 FP3 and 10.1 before 10.1 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecifie…	CWE-79 Cross-site Scripting	CVE-2012-6350	2024-11-21 10:46	2013-01-31	Show	GitHub Exploit DB Packet Storm

289925	-	sysax	multi_server	Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted reques…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-6530	2024-11-21 10:46	2013-01-31	Show	GitHub Exploit DB Packet Storm

289926	-	marinet	marinet_cms	Multiple SQL injection vulnerabilities in Marinet CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) galleryphoto.php or (2) gallery.php; or the roomid parameter…	CWE-89 SQL Injection	CVE-2012-6529	2024-11-21 10:46	2013-01-31	Show	GitHub Exploit DB Packet Storm

289927	-	atutor	atutor	Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) themes/default/tile_search/index.tmpl.p…	CWE-79 Cross-site Scripting	CVE-2012-6528	2024-11-21 10:46	2013-01-31	Show	GitHub Exploit DB Packet Storm

289928	-	joedolson wordpress	my_calendar wordpress	Cross-site scripting (XSS) vulnerability in the My Calendar plugin before 1.10.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.	CWE-79 Cross-site Scripting	CVE-2012-6527	2024-11-21 10:46	2013-01-31	Show	GitHub Exploit DB Packet Storm

289929	-	vastal	freelance_zone	SQL injection vulnerability in show_code.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the code_id parameter.	CWE-89 SQL Injection	CVE-2012-6526	2024-11-21 10:46	2013-01-31	Show	GitHub Exploit DB Packet Storm

289930	-	phpbridges_dev_team	phpbridges	SQL injection vulnerability in members.php in PHPBridges allows remote attackers to execute arbitrary SQL commands via the id parameter.	CWE-89 SQL Injection	CVE-2012-6525	2024-11-21 10:46	2013-01-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed