Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252821	6.4	警告	VMware	-	VMware ACE の ACE 共有フォルダ実装における無効にされた共有フォルダを有効にされる脆弱性	CWE-noinfo 情報不足	CVE-2009-0908	2010-03-23 14:10	2010-04-3	Show	GitHub Exploit DB Packet Storm

252822	2.1	注意	VMware	-	複数の VMware 製品の VI Client におけるパスワードを取得される脆弱性	CWE-200 情報漏えい	CVE-2009-0518	2010-03-23 14:10	2010-04-3	Show	GitHub Exploit DB Packet Storm

252823	4.4	警告	KVM レッドハット	-	KVM の x86 エミュレータにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0419	2010-03-23 14:09	2010-03-1	Show	GitHub Exploit DB Packet Storm

252824	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0263	2010-03-19 10:28	2010-03-9	Show	GitHub Exploit DB Packet Storm

252825	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0262	2010-03-19 10:28	2010-03-9	Show	GitHub Exploit DB Packet Storm

252826	9.3	危険	マイクロソフト	-	複数の Microsoft 製品におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0261	2010-03-19 10:28	2010-03-9	Show	GitHub Exploit DB Packet Storm

252827	9.3	危険	マイクロソフト	-	複数の Microsoft 製品におけるヒープベースのバッファオーバーフローの脆弱性	CWE-94 コード・インジェクション	CVE-2010-0260	2010-03-19 10:28	2010-03-9	Show	GitHub Exploit DB Packet Storm

252828	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0258	2010-03-19 10:27	2010-03-9	Show	GitHub Exploit DB Packet Storm

252829	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0264	2010-03-19 10:27	2010-03-9	Show	GitHub Exploit DB Packet Storm

252830	9.3	危険	マイクロソフト	-	Microsoft Office Excel における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0257	2010-03-19 10:27	2010-03-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
285041	-	siemens	wincc simatic_pcs7	The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for …	CWE-255 Credentials Management	CVE-2013-3958	2024-11-21 10:54	2013-06-15	Show	GitHub Exploit DB Packet Storm

285042	-	siemens	wincc simatic_pcs7	SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to e…	CWE-89 SQL Injection	CVE-2013-3957	2024-11-21 10:54	2013-06-15	Show	GitHub Exploit DB Packet Storm

285043	-	orchardproject	orchard	Cross-site scripting (XSS) vulnerability in the Orchard.Comments module in Orchard before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2013-3645	2024-11-21 10:54	2013-06-14	Show	GitHub Exploit DB Packet Storm

285044	-	juniper	junos_pulse_secure_access_service junos_pulse_access_control_service	Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.0r2 through 7.0r8 and 7.1r1 through 7.1r5 and Junos Pulse Access Control Service (aka UAC) with UAC OS 4.1r1 through 4.1r5 includ…	CWE-310 Cryptographic Issues	CVE-2013-3970	2024-11-21 10:54	2013-06-14	Show	GitHub Exploit DB Packet Storm

285045	-	pizzahut	pizza_hut_japan_official_order_application	The Pizza Hut Japan Official Order application before 1.1.1.a for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sen…	CWE-310 Cryptographic Issues	CVE-2013-3641	2024-11-21 10:54	2013-06-11	Show	GitHub Exploit DB Packet Storm

285046	-	filemaker	filemaker_pro filemaker_pro_advanced	Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via u…	CWE-79 Cross-site Scripting	CVE-2013-3640	2024-11-21 10:54	2013-06-11	Show	GitHub Exploit DB Packet Storm

285047	-	ffmpeg	ffmpeg	The process_frame_obj function in sanm.c in libavcodec in FFmpeg before 1.2.1 does not validate width and height values, which allows remote attackers to cause a denial of service (integer overflow, …	CWE-20 Improper Input Validation	CVE-2013-3675	2024-11-21 10:54	2013-06-10	Show	GitHub Exploit DB Packet Storm

285048	-	ffmpeg	ffmpeg	The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of se…	CWE-20 Improper Input Validation	CVE-2013-3674	2024-11-21 10:54	2013-06-10	Show	GitHub Exploit DB Packet Storm

285049	-	ffmpeg	ffmpeg	The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg before 1.2.1 does not properly manage the disposal methods of frames, which allows remote attackers to cause a denial of service (out…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2013-3673	2024-11-21 10:54	2013-06-10	Show	GitHub Exploit DB Packet Storm

285050	-	ffmpeg	ffmpeg	The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to c…	CWE-20 Improper Input Validation	CVE-2013-3672	2024-11-21 10:54	2013-06-10	Show	GitHub Exploit DB Packet Storm