Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 28, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252821	4.3	警告	JoomlaTune Joomla!	-	JoomlaTune JComments におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5048	2011-11-25 11:42	2011-11-23	Show	GitHub Exploit DB Packet Storm

252822	7.5	危険	V-EVA	-	V-EVA Press Release Script における任意の SQL コマンドを実行される脆弱性	CWE-89 SQLインジェクション	CVE-2010-5047	2011-11-25 11:41	2011-11-23	Show	GitHub Exploit DB Packet Storm

252823	4.3	警告	ecoCMS	-	ecoCMS の admin.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-5046	2011-11-25 11:40	2011-11-23	Show	GitHub Exploit DB Packet Storm

252824	7.5	危険	Alephsystem	-	CMS Ariadna の detResolucion.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5058	2011-11-25 10:14	2011-11-23	Show	GitHub Exploit DB Packet Storm

252825	7.5	危険	Alephsystem	-	CMS Ariadna の detResolucion.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5057	2011-11-25 10:13	2011-11-23	Show	GitHub Exploit DB Packet Storm

252826	7.5	危険	IXXO Internet Solutions	-	XOBBIX コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-5053	2011-11-25 10:08	2011-11-23	Show	GitHub Exploit DB Packet Storm

252827	4.3	警告	Joomla!	-	Joomla! におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4332	2011-11-25 09:39	2011-03-24	Show	GitHub Exploit DB Packet Storm

252828	5	警告	Joomla!	-	Joomla! における任意のユーザのパスワードを変更される脆弱性	CWE-189 数値処理の問題	CVE-2011-4321	2011-11-25 09:38	2011-10-28	Show	GitHub Exploit DB Packet Storm

252829	7.6	危険	アップル	-	Apple Mac OS X におけるネットワークリソースにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1516	2011-11-24 16:27	2011-11-15	Show	GitHub Exploit DB Packet Storm

252830	7.6	危険	アップル	-	Apple Mac OS X におけるネットワークリソースにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-7303	2011-11-24 16:27	2011-11-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
264861	4.4	MEDIUM Local	qemu	qemu	The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 functions in hw/scsi/mptconfig.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU …	NVD-CWE-noinfo	CVE-2016-7157	2024-11-21 11:57	2016-12-10	Show	GitHub Exploit DB Packet Storm

264862	4.4	MEDIUM Local	qemu debian	qemu debian_linux	The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by lev…	CWE-704 Incorrect Type Conversion or Cast	CVE-2016-7156	2024-11-21 11:57	2016-12-10	Show	GitHub Exploit DB Packet Storm

264863	4.4	MEDIUM Local	qemu debian	qemu debian_linux	hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page …	NVD-CWE-noinfo	CVE-2016-7155	2024-11-21 11:57	2016-12-10	Show	GitHub Exploit DB Packet Storm

264864	6.0	MEDIUM Local	qemu debian	qemu debian_linux	Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. (dot dot) in an unspecified s…	CWE-22 Path Traversal	CVE-2016-7116	2024-11-21 11:57	2016-12-10	Show	GitHub Exploit DB Packet Storm

264865	4.4	MEDIUM Local	qemu debian redhat	qemu debian_linux virtualization openstack	Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the max…	CWE-190 Integer Overflow or Wraparound	CVE-2016-6888	2024-11-21 11:57	2016-12-10	Show	GitHub Exploit DB Packet Storm

264866	5.6	MEDIUM Network	netapp	netapp_plug-in	NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation.	CWE-295 Improper Certificate Validation	CVE-2016-7171	2024-11-21 11:57	2016-12-6	Show	GitHub Exploit DB Packet Storm

264867	6.4	MEDIUM Local	siemens	simatic_wincc simatic_wincc_runtime simatic_wincc_\(tia_portal\) simit simatic_pcs7 simatic_step_7_\(tia_portal\) simatic_pcs_7 sinema_remote_connect simatic_step_7 simatic…	A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), S…	CWE-254 CWE-284 7PK - Security Features Improper Access Control	CVE-2016-7165	2024-11-21 11:57	2016-11-16	Show	GitHub Exploit DB Packet Storm

264868	6.1	MEDIUM Network	moinmo	moinmoin	MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile…	CWE-79 Cross-site Scripting	CVE-2016-7148	2024-11-21 11:57	2016-11-11	Show	GitHub Exploit DB Packet Storm

264869	6.1	MEDIUM Network	moinmo	moinmoin	MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting (XSS)" issue affecting the ac…	CWE-79 Cross-site Scripting	CVE-2016-7146	2024-11-21 11:57	2016-11-11	Show	GitHub Exploit DB Packet Storm

264870	8.8	HIGH Network	microsoft	sql_server	Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS E…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-7254	2024-11-21 11:57	2016-11-10	Show	GitHub Exploit DB Packet Storm