Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252781 4.3 警告 IBM - IBM WebSphere Application Server の管理コンソールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0779 2010-09-29 16:00 2010-06-18 Show GitHub Exploit DB Packet Storm
252782 4.3 警告 IBM - IBM HTTP Server の mod_ibm_ssl におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2327 2010-09-29 15:59 2010-03-18 Show GitHub Exploit DB Packet Storm
252783 6.9 警告 アップル - Windows 上で稼働する Apple Safari における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1805 2010-09-28 14:46 2010-09-7 Show GitHub Exploit DB Packet Storm
252784 4.3 警告 Zope Foundation - Zope の ZServer におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2010-3198 2010-09-28 14:46 2010-09-1 Show GitHub Exploit DB Packet Storm
252785 - - Blackboard, Inc. - Blackboard Transact データベースに情報漏えいの脆弱性 - - 2010-09-28 14:46 2010-09-2 Show GitHub Exploit DB Packet Storm
252786 6.8 警告 w3m project
ターボリナックス
サイバートラスト株式会社
レッドハット		 - w3m のistream.c における X.509 証明書の処理に関する任意の SSL サーバになりすまされる脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2074 2010-09-27 16:24 2010-06-16 Show GitHub Exploit DB Packet Storm
252787 6.8 警告 レッドハット
サイバートラスト株式会社
ターボリナックス
OpenLDAP Foundation		 - OpenLDAP における任意の SSL サーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2009-3767 2010-09-27 16:23 2009-10-23 Show GitHub Exploit DB Packet Storm
252788 4.3 警告 Opera Software ASA - Opera におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-3021 2010-09-27 16:21 2010-08-12 Show GitHub Exploit DB Packet Storm
252789 5 警告 Opera Software ASA - Opera の news-feed プレビュー機能における任意のフィードの購読を強制される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3020 2010-09-27 16:21 2010-08-12 Show GitHub Exploit DB Packet Storm
252790 9.3 危険 Opera Software ASA - Opera におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-3019 2010-09-27 16:21 2010-08-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
250861 8.8 HIGH
Adjacent 		tenda ac9_firmware
ac15_firmware
ac18_firmware 		Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_A… CWE-78
OS Command  		CVE-2017-16923 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
250862 9.8 CRITICAL
Network 		finecms finecms v5/config/system.php in dayrui FineCms 5.2.0 has a default SYS_KEY value and does not require key regeneration for each installation, which allows remote attackers to upload arbitrary .php files via … NVD-CWE-noinfo
CVE-2017-16920 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
250863 5.4 MEDIUM
Network 		mapos_project mapos MapOS 3.1.11 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitrary web script or HTML via a crafted description … CWE-79
Cross-site Scripting 		CVE-2017-16919 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
250864 9.8 CRITICAL
Network 		ffmpeg
debian 		ffmpeg
debian_linux 		The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related t… CWE-125
Out-of-bounds Read 		CVE-2017-16840 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
250865 5.4 MEDIUM
Network 		horde groupware In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the … CWE-79
Cross-site Scripting 		CVE-2017-16908 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
250866 5.4 MEDIUM
Network 		horde groupware In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action. CWE-79
Cross-site Scripting 		CVE-2017-16907 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
250867 5.4 MEDIUM
Network 		horde groupware In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action. CWE-79
Cross-site Scripting 		CVE-2017-16906 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
250868 6.1 MEDIUM
Network 		lvyecms_project lvyecms The Public tologin feature in admin.php in LvyeCMS through 3.1 allows XSS via a crafted username that is mishandled during later log viewing by an administrator. CWE-79
Cross-site Scripting 		CVE-2017-16904 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
250869 9.8 CRITICAL
Network 		lvyecms_project lvyecms LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via directory traversal sequences in the dir parameter, in conjunction with PHP code in the content parameter, wit… CWE-22
Path Traversal 		CVE-2017-16903 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
250870 7.5 HIGH
Network 		vonage vdv-23_firmware On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-16902 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm