Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252771	7.6	危険	GNOME Project レッドハット	-	Evince の PK フォントパーサにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2640	2011-01-26 15:10	2011-01-5	Show	GitHub Exploit DB Packet Storm

252772	5	警告	MODX	-	MODx Evolution におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-3930	2011-01-26 14:02	2011-01-26	Show	GitHub Exploit DB Packet Storm

252773	7.5	危険	MODX	-	MODx Evolution における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3929	2011-01-26 14:01	2011-01-26	Show	GitHub Exploit DB Packet Storm

252774	9.3	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-4042	2011-01-26 13:28	2010-10-19	Show	GitHub Exploit DB Packet Storm

252775	6.8	警告	Google	-	Linux 上で稼働する Google Chrome のサンドボックス実装におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-4041	2011-01-26 13:26	2010-10-19	Show	GitHub Exploit DB Packet Storm

252776	9.3	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2010-4040	2011-01-26 13:23	2010-10-19	Show	GitHub Exploit DB Packet Storm

252777	7.5	危険	Google	-	Linux 上で稼働する Google Chrome における脆弱性	CWE-DesignError CWE-noinfo	CVE-2010-4039	2011-01-26 13:17	2010-10-19	Show	GitHub Exploit DB Packet Storm

252778	4.3	警告	Google	-	Google Chrome の Web Sockets 実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-4038	2011-01-26 13:12	2010-10-19	Show	GitHub Exploit DB Packet Storm

252779	4.3	警告	Google	-	Google Chrome におけるポップアップブロッカーを回避される脆弱性	CWE-noinfo 情報不足	CVE-2010-4037	2011-01-26 13:10	2010-10-19	Show	GitHub Exploit DB Packet Storm

252780	6.8	警告	Google	-	Google Chrome における URL をなりすまされる脆弱性	CWE-20 不適切な入力確認	CVE-2010-4036	2011-01-26 13:08	2010-10-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
281871	7.5	HIGH Network	phoner	phonerlite	The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack…	CWE-916 Use of Password Hash With Insufficient Computational Effort	CVE-2014-2560	2024-11-21 11:06	2020-02-12	Show	GitHub Exploit DB Packet Storm

281872	9.8	CRITICAL Network	barracuda	web_application_firewall	Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.	CWE-613 Insufficient Session Expiration	CVE-2014-2595	2024-11-21 11:06	2020-02-12	Show	GitHub Exploit DB Packet Storm

281873	7.5	HIGH Network	smb4k_project fedoraproject	smb4k fedora	Smb4K before 1.1.1 allows remote attackers to obtain credentials via vectors related to the cuid option in the "Additional options" line edit.	CWE-522 Insufficiently Protected Credentials	CVE-2014-2581	2024-11-21 11:06	2020-01-29	Show	GitHub Exploit DB Packet Storm

281874	8.1	HIGH Network	xmind	xmind	The update process in Xmind 3.4.1 and earlier allow remote attackers to execute arbitrary code via a man-in-the-middle attack.	NVD-CWE-Other	CVE-2014-2680	2024-11-21 11:06	2020-01-22	Show	GitHub Exploit DB Packet Storm

281875	7.5	HIGH Network	redhat	ansible	Ansible prior to 1.5.4 mishandles the evaluation of some strings.	CWE-670 Always-Incorrect Control Flow Implementation	CVE-2014-2686	2024-11-21 11:06	2020-01-9	Show	GitHub Exploit DB Packet Storm

281876	9.8	CRITICAL Network	atos	openstage_80_firmware openstage_80_g_firmware openstage_60_g_firmware openstage_60_firmware openstage_40_firmware openstage_40_g_firmware openstage_20_e_firmware openstage_20_fir…	Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface	CWE-287 Improper Authentication	CVE-2014-2651	2024-11-21 11:06	2020-01-9	Show	GitHub Exploit DB Packet Storm

281877	9.8	CRITICAL Network	atos	openstage_80_firmware openstage_80_g_firmware openstage_60_g_firmware openstage_60_firmware openstage_40_firmware openstage_40_g_firmware openstage_20_e_firmware openstage_20_fir…	Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface	CWE-78 OS Command	CVE-2014-2650	2024-11-21 11:06	2020-01-9	Show	GitHub Exploit DB Packet Storm

281878	4.4	MEDIUM Local	pen_project opensuse debian	pen opensuse debian_linux	Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2014-2387	2024-11-21 11:06	2019-12-13	Show	GitHub Exploit DB Packet Storm

281879	7.5	HIGH Network	projectfloodlight	open_sdn_controller	A vulnerability in version 0.90 of the Open Floodlight SDN controller software could result in a denial of service attack and crashing of the controller service. This effect is the result of a flaw i…	CWE-20 Improper Input Validation	CVE-2014-2304	2024-11-21 11:06	2019-10-24	Show	GitHub Exploit DB Packet Storm

281880	8.8	HIGH Network	apereo	cas_server	XML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS server before 3.4.12.1 and 3.5.x before 3.5.2.1, when Google Accounts Integration is enabled, allows rem…	CWE-611 XXE	CVE-2014-2296	2024-11-21 11:06	2018-07-21	Show	GitHub Exploit DB Packet Storm