Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252721	6.8	警告	kMonos.NET	-	XacRett における実行ファイル読み込みに関する脆弱性	CWE-Other その他	CVE-2010-3157	2010-10-15 11:22	2010-10-15	Show	GitHub Exploit DB Packet Storm

252722	5	警告	The PHP Group	-	PHP における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-2101	2010-10-14 16:20	2010-05-26	Show	GitHub Exploit DB Packet Storm

252723	9.3	危険	レッドハット	-	Winamp および libmikmod の IN_MOD.DLL におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-3996	2010-10-14 16:19	2009-12-18	Show	GitHub Exploit DB Packet Storm

252724	9.3	危険	レッドハット	-	Winamp および libmikmod の IN_MOD.DLL におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-3995	2010-10-14 16:19	2009-12-18	Show	GitHub Exploit DB Packet Storm

252725	4.3	警告	レッドハット	-	libmikmod におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2007-6720	2010-10-14 16:19	2009-01-20	Show	GitHub Exploit DB Packet Storm

252726	7.8	危険	シスコシステムズ	-	Cisco IOS の SSL VPN 機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-2836	2010-10-13 17:00	2010-09-22	Show	GitHub Exploit DB Packet Storm

252727	7.8	危険	シスコシステムズ	-	複数の Cisco 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-2051	2010-10-13 16:59	2010-09-22	Show	GitHub Exploit DB Packet Storm

252728	7.8	危険	シスコシステムズ	-	複数の Cisco 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-2835	2010-10-13 16:59	2010-09-22	Show	GitHub Exploit DB Packet Storm

252729	7.8	危険	シスコシステムズ	-	複数の Cisco 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-2834	2010-10-13 16:59	2010-09-22	Show	GitHub Exploit DB Packet Storm

252730	6.4	警告	ジャストシステム日立ソフトウェアエンジニアリング富士通ユミルリンク	-	Internet Explorer コンポーネントを使用するアプリケーションにおけるセキュリティゾーンの扱いに関する脆弱性	-	-	2010-10-12 16:44	2005-07-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291841	-		xarrow	xarrow	Integer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via a crafted packet that triggers an out-of-bounds read operation.	CWE-189 Numeric Errors	CVE-2012-2428	2024-11-21 10:39	2012-05-26	Show	GitHub Exploit DB Packet Storm

291842	-		xarrow	xarrow	Heap-based buffer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via packets that trigger an invalid free operation.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-2427	2024-11-21 10:39	2012-05-26	Show	GitHub Exploit DB Packet Storm

291843	-		xarrow	xarrow	The server in xArrow before 3.4.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors.	CWE-399 Resource Management Errors	CVE-2012-2426	2024-11-21 10:39	2012-05-26	Show	GitHub Exploit DB Packet Storm

291844	-		netweblogic	login_with_ajax	Cross-site scripting (XSS) vulnerability in login-with-ajax.php in the Login With Ajax (aka login-with-ajax) plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script…	CWE-79 Cross-site Scripting	CVE-2012-2759	2024-11-21 10:39	2012-05-23	Show	GitHub Exploit DB Packet Storm

291845	-		atlassian gliffy	jira gliffy confluence_server	The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to re…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2012-2928	2024-11-21 10:39	2012-05-23	Show	GitHub Exploit DB Packet Storm

291846	-		tm_software	tempo tempo6.3.0 tempo6.3.2	The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and 7.x before 7.0.3 for Atlassian JIRA does not properly restrict the capabilities of third-party XML parsers, which allows remote …	CWE-399 Resource Management Errors	CVE-2012-2927	2024-11-21 10:39	2012-05-23	Show	GitHub Exploit DB Packet Storm

291847	-		xelex	mobiletrack	The Xelex MobileTrack application 2.3.7 and earlier for Android uses hardcoded credentials, which allows remote attackers to obtain sensitive information via an unencrypted (1) FTP or (2) HTTP sessio…	CWE-255 Credentials Management	CVE-2012-2567	2024-11-21 10:39	2012-05-23	Show	GitHub Exploit DB Packet Storm

291848	-		xelex	mobiletrack	The Xelex MobileTrack application 2.3.7 and earlier for Android does not verify the origin of SMS commands, which allows remote attackers to execute a (1) LOCATE, (2) TRACK, (3) UPDATECFG, (4) UPDATE…	CWE-287 CWE-20 Improper Authentication Improper Input Validation	CVE-2012-2562	2024-11-21 10:39	2012-05-23	Show	GitHub Exploit DB Packet Storm

291849	-		simple_php_agenda	simple_php_agenda	SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action.	CWE-89 SQL Injection	CVE-2012-2925	2024-11-21 10:39	2012-05-22	Show	GitHub Exploit DB Packet Storm

291850	9.1	CRITICAL Network	atlassian	fisheye confluence jira crucible crowd confluence_server bamboo	Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 before 2.7.12; Bamboo before 3.3.4 and 3.4…	NVD-CWE-noinfo	CVE-2012-2926	2024-11-21 10:39	2012-05-23	Show	GitHub Exploit DB Packet Storm