Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252551	7.5	危険	IBM Apache Software Foundation	-	Apache Axis2 における任意のファイルを読まれる脆弱性	CWE-20 不適切な入力確認	CVE-2010-1632	2010-11-9 15:29	2010-06-22	Show	GitHub Exploit DB Packet Storm

252552	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer における QCP ファイルの処理に関するヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2578	2010-11-9 14:51	2010-10-15	Show	GitHub Exploit DB Packet Storm

252553	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer の rjrmrpln.dll における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-3750	2010-11-9 14:50	2010-10-15	Show	GitHub Exploit DB Packet Storm

252554	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer の ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-3747	2010-11-9 14:50	2010-10-15	Show	GitHub Exploit DB Packet Storm

252555	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2998	2010-11-9 14:50	2010-10-15	Show	GitHub Exploit DB Packet Storm

252556	-	-	Artifex Software	-	Ghostscript にサービス運用妨害 (DoS) の脆弱性	-	-	2010-11-9 14:46	2010-10-13	Show	GitHub Exploit DB Packet Storm

252557	4	警告	IBM	-	IBM DB2 におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3475	2010-11-8 16:09	2010-08-5	Show	GitHub Exploit DB Packet Storm

252558	5	警告	IBM	-	IBM DB2 におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3474	2010-11-8 16:08	2010-04-19	Show	GitHub Exploit DB Packet Storm

252559	9.3	危険	ジャストシステム	-	一太郎シリーズにおける任意のコードが実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3916	2010-11-5 15:02	2010-11-4	Show	GitHub Exploit DB Packet Storm

252560	9.3	危険	ジャストシステム	-	一太郎シリーズにおける任意のコードが実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3915	2010-11-5 15:01	2010-11-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248321	7.8	HIGH Local	hawt.io	hawtio	hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker could use this vulnerability to upload a crafted file which could be executed on a target machine where…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2017-2617	2024-11-21 12:23	2018-05-23	Show	GitHub Exploit DB Packet Storm

248322	4.3	MEDIUM Network	jenkins	jenkins	jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of t…	CWE-200 Information Exposure	CVE-2017-2609	2024-11-21 12:23	2018-05-23	Show	GitHub Exploit DB Packet Storm

248323	5.4	MEDIUM Network	jenkins	jenkins	jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting vulnerability in console notes (SECURITY-382). Jenkins allows plugins to annotate build logs, adding new content…	CWE-79 Cross-site Scripting	CVE-2017-2607	2024-11-21 12:23	2018-05-22	Show	GitHub Exploit DB Packet Storm

248324	5.4	MEDIUM Network	jenkins	jenkins	jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers coul…	CWE-352 Origin Validation Error	CVE-2017-2613	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

248325	5.4	MEDIUM Network	jenkins	jenkins	jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in search suggestions due to improperly escaping users with less-than and greater-than characters in their names…	CWE-79 Cross-site Scripting	CVE-2017-2610	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

248326	4.3	MEDIUM Network	jenkins	jenkins	In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).	CWE-287 Improper Authentication	CVE-2017-2604	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

248327	3.5	LOW Network	jenkins	jenkins	Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak in disconnected agents' config.xml API. This could leak sensitive data such as API tokens (SECURITY-362).	CWE-200 Information Exposure	CVE-2017-2603	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

248328	4.3	MEDIUM Network	jenkins	jenkins	jenkins before versions 2.44, 2.32.2 is vulnerable to an improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow metadata files to be written …	NVD-CWE-noinfo	CVE-2017-2602	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

248329	5.4	MEDIUM Network	jenkins	jenkins	In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2017-2612	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm

248330	8.8	HIGH Network	jenkins	jenkins	Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs (SECURITY-383).	CWE-502 Deserialization of Untrusted Data	CVE-2017-2608	2024-11-21 12:23	2018-05-16	Show	GitHub Exploit DB Packet Storm