Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252411	7.5	危険	アップル VMware サン・マイクロシステムズヒューレット・パッカードレッドハット	-	複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0848	2011-03-17 08:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

252412	7.5	危険	サン・マイクロシステムズ VMware	-	複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0850	2011-03-17 08:17	2010-03-30	Show	GitHub Exploit DB Packet Storm

252413	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の TextXtra モジュールにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-4195	2011-03-11 18:22	2011-02-8	Show	GitHub Exploit DB Packet Storm

252414	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の dirapi.dll モジュールにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-4194	2011-03-11 18:21	2011-02-8	Show	GitHub Exploit DB Packet Storm

252415	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-4193	2011-03-11 18:21	2011-02-8	Show	GitHub Exploit DB Packet Storm

252416	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-4192	2011-03-11 18:21	2011-02-8	Show	GitHub Exploit DB Packet Storm

252417	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-4191	2011-03-11 18:20	2011-02-8	Show	GitHub Exploit DB Packet Storm

252418	7.5	危険	アップル VMware サン・マイクロシステムズヒューレット・パッカードレッドハット	-	複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0846	2011-03-11 10:16	2010-03-30	Show	GitHub Exploit DB Packet Storm

252419	7.5	危険	アップルサイバートラスト株式会社サン・マイクロシステムズヒューレット・パッカード VMware レッドハット	-	複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0841	2011-03-11 10:11	2010-03-30	Show	GitHub Exploit DB Packet Storm

252420	7.5	危険	アップルサイバートラスト株式会社サン・マイクロシステムズヒューレット・パッカード VMware レッドハット	-	Oracle Sun Java が Java アプレットの署名を正しく検証しない脆弱性	CWE-noinfo 情報不足	CVE-2010-0087	2011-03-11 10:10	2010-04-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
277081	-	freeipa	freeipa	Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation.	CWE-79 Cross-site Scripting	CVE-2014-7850	2024-11-21 11:18	2014-11-29	Show	GitHub Exploit DB Packet Storm

277082	-	cisco	ios_xr	Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing …	CWE-362 Race Condition	CVE-2014-8005	2024-11-21 11:18	2014-11-26	Show	GitHub Exploit DB Packet Storm

277083	-	cisco	ios_xr	Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378.	CWE-399 Resource Management Errors	CVE-2014-8004	2024-11-21 11:18	2014-11-26	Show	GitHub Exploit DB Packet Storm

277084	-	cisco	openh264	Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-8002	2024-11-21 11:18	2014-11-26	Show	GitHub Exploit DB Packet Storm

277085	-	cisco	openh264	Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-8001	2024-11-21 11:18	2014-11-26	Show	GitHub Exploit DB Packet Storm

277086	-	arubanetworks	airwave	The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-8368	2024-11-21 11:18	2014-11-26	Show	GitHub Exploit DB Packet Storm

277087	-	arubanetworks	clearpass_policy_manager	SQL injection vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) 6.2.x, 6.3.x before 6.3.6, and 6.4.x before 6.4.2 allows remote attackers to execute arbitrary SQL commands via unspecifi…	CWE-89 SQL Injection	CVE-2014-8367	2024-11-21 11:18	2014-11-26	Show	GitHub Exploit DB Packet Storm

277088	-	redhat	resteasy	DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does not configure the (1) external-general-entities or (2) external-parameter-entities features, which allows remote attackers to conduct XML external en…	CWE-20 Improper Input Validation	CVE-2014-7839	2024-11-21 11:18	2014-11-26	Show	GitHub Exploit DB Packet Storm

277089	-	liferay	liferay_portal	Cross-site scripting (XSS) vulnerability in Liferay Portal Enterprise Edition (EE) 6.2 SP8 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the _20_body parame…	CWE-79 Cross-site Scripting	CVE-2014-8349	2024-11-21 11:18	2014-11-25	Show	GitHub Exploit DB Packet Storm

277090	-	openstack fedoraproject redhat	neutron fedora openstack	OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.	CWE-20 CWE-399 Improper Input Validation Resource Management Errors	CVE-2014-7821	2024-11-21 11:18	2014-11-25	Show	GitHub Exploit DB Packet Storm