Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252631 9.3 危険 マイクロソフト - 複数の Microsoft 製品の Embedded OpenType Font Engine における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-1883 2010-10-25 16:37 2010-10-12 Show GitHub Exploit DB Packet Storm
252632 7.6 危険 マイクロソフト - 複数の Microsoft 製品の Media Player Network Sharing Service における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-3225 2010-10-25 16:36 2010-10-12 Show GitHub Exploit DB Packet Storm
252633 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3331 2010-10-25 16:35 2010-10-12 Show GitHub Exploit DB Packet Storm
252634 4.3 警告 マイクロソフト - Microsoft Internet Explorer における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-3330 2010-10-25 16:35 2010-10-12 Show GitHub Exploit DB Packet Storm
252635 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3329 2010-10-25 16:34 2010-10-12 Show GitHub Exploit DB Packet Storm
252636 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3328 2010-10-25 16:33 2010-10-12 Show GitHub Exploit DB Packet Storm
252637 4.3 警告 マイクロソフト - Microsoft Internet Explorer の HTML コンテンツ作成の実装における削除済みの重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-3327 2010-10-25 16:32 2010-10-12 Show GitHub Exploit DB Packet Storm
252638 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3326 2010-10-25 16:32 2010-10-12 Show GitHub Exploit DB Packet Storm
252639 4.3 警告 マイクロソフト - Microsoft Internet Explorer における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-3325 2010-10-25 16:31 2010-10-12 Show GitHub Exploit DB Packet Storm
252640 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1263 2010-10-25 16:29 2010-06-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
283441 - no-margin-for-errors prettyphoto Cross-site scripting (XSS) vulnerability in the setTimeout function in js/jquery.prettyPhoto.js in prettyPhoto 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a c… CWE-79
Cross-site Scripting 		CVE-2013-6837 2024-11-21 10:59 2013-12-19 Show GitHub Exploit DB Packet Storm
283442 - gnome gnumeric Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a cr… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-6836 2024-11-21 10:59 2013-12-19 Show GitHub Exploit DB Packet Storm
283443 - zabbix zabbix Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter. CWE-94
Code Injection 		CVE-2013-6824 2024-11-21 10:59 2013-12-19 Show GitHub Exploit DB Packet Storm
283444 - cisco cisco_ons_15454_system_software
ons_15454_mspp
ons_15454_mstp
ons_15454e_optical_transport_platform
ons_15454
ons_15454_multiservice_transport_platform
ons_15454_sdh_multiservice_pr… 		The tNetTaskLimit process on the Transport Node Controller (TNC) on Cisco ONS 15454 devices with software 9.6 and earlier does not properly prioritize health pings, which allows remote attackers to c… CWE-20
 Improper Input Validation  		CVE-2013-6701 2024-11-21 10:59 2013-12-19 Show GitHub Exploit DB Packet Storm
283445 - cru-inc ditto_forensic_fieldstation_firmware
ditto_forensic_fieldstation 		Cross-site request forgery (CSRF) vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests … CWE-352
 Origin Validation Error 		CVE-2013-6883 2024-11-21 10:59 2013-12-18 Show GitHub Exploit DB Packet Storm
283446 - cru-inc ditto_forensic_fieldstation_firmware
ditto_forensic_fieldstation 		Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow (1) remote attackers to inject arbitrary web script or HTML via the u… CWE-79
Cross-site Scripting 		CVE-2013-6882 2024-11-21 10:59 2013-12-18 Show GitHub Exploit DB Packet Storm
283447 - ibm sametime Cross-site scripting (XSS) vulnerability in the Web Application in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML vi… CWE-79
Cross-site Scripting 		CVE-2013-6733 2024-11-21 10:59 2013-12-18 Show GitHub Exploit DB Packet Storm
283448 - ibm websphere_service_registry_and_repository Cross-site scripting (XSS) vulnerability in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.x through 8.0.0.2 allows remote authenticated users to inject arbitrary web… CWE-79
Cross-site Scripting 		CVE-2013-6721 2024-11-21 10:59 2013-12-18 Show GitHub Exploit DB Packet Storm
283449 - ibm security_access_manager_for_web
content_manager_ondemand_for_multiplatforms
global_security_kit 		IBM Global Security Kit (aka GSKit), as used in Content Manager OnDemand 8.5 and 9.0 and other products, allows remote attackers to cause a denial of service via a crafted handshake during resumption… CWE-310
Cryptographic Issues 		CVE-2013-6329 2024-11-21 10:59 2013-12-18 Show GitHub Exploit DB Packet Storm
283450 - ibm sterling_connect_enterprise_http_option Cross-site scripting (XSS) vulnerability in the HTTP Option in IBM Sterling Connect:Enterprise 1.3 before 1.3.0.2 iFix 1 and 1.4 before 1.4.0.0 iFix 1 allows remote attackers to inject arbitrary web … CWE-79
Cross-site Scripting 		CVE-2013-6327 2024-11-21 10:59 2013-12-18 Show GitHub Exploit DB Packet Storm