Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252891 4.9 警告 マイクロソフト - Microsoft Windows の Canonical Display Driver における任意のコードを実行される脆弱性 CWE-DesignError
CVE-2009-3678 2010-07-23 18:55 2010-05-14 Show GitHub Exploit DB Packet Storm
252892 9.3 危険 サン・マイクロシステムズ
レッドハット
リアルネットワークス		 - Realnetworks RealPlayer における ASM RuleBook の処理に関する脆弱性 CWE-119
バッファエラー 		CVE-2009-4247 2010-07-23 18:55 2010-01-19 Show GitHub Exploit DB Packet Storm
252893 10 危険 サイバートラスト株式会社
Apache Software Foundation		 - Apache Geronimo の LoginModule 実装における認証要求を回避される脆弱性 CWE-287
不適切な認証 		CVE-2007-4548 2010-07-22 20:51 2007-08-13 Show GitHub Exploit DB Packet Storm
252894 5 警告 サイバートラスト株式会社
Apache Software Foundation		 - Apache Geronimo の management EJB における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2007-5085 2010-07-22 20:51 2007-09-6 Show GitHub Exploit DB Packet Storm
252895 7.5 危険 サイバートラスト株式会社
Apache Software Foundation		 - Apache Geronimo の SQLLoginModule における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2007-5797 2010-07-22 20:51 2007-10-22 Show GitHub Exploit DB Packet Storm
252896 6.8 警告 InterSect Alliance International Pty - Snare Agent の Web インターフェースにクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-2594 2010-07-22 20:51 2010-06-30 Show GitHub Exploit DB Packet Storm
252897 5.5 警告 富士通 - Internet Navigware Server における情報漏えいの脆弱性 CWE-200
情報漏えい 		- 2010-07-22 20:51 2010-06-18 Show GitHub Exploit DB Packet Storm
252898 7.8 危険 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の NFSv4 クライアントの nfs4_proc_lock 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-3726 2010-07-22 17:53 2009-11-9 Show GitHub Exploit DB Packet Storm
252899 5 警告 IBM
アップル
サイバートラスト株式会社
サン・マイクロシステムズ
ヒューレット・パッカード
マイクロソフト
オラクル
OpenOffice.org Project
レッドハット		 - XML 署名の検証において認証回避が可能な問題 CWE-DesignError
CVE-2009-0217 2010-07-22 17:52 2009-07-15 Show GitHub Exploit DB Packet Storm
252900 9.3 危険 アドビシステムズ
レッドハット		 - Adobe Reader および Acrobat におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2212 2010-07-21 16:31 2010-06-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
294661 - oneclickorgs one_click_orgs The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote attac… CWE-255
Credentials Management 		CVE-2011-4678 2024-11-21 10:32 2011-12-6 Show GitHub Exploit DB Packet Storm
294662 - oneclickorgs one_click_orgs One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. CWE-287
Improper Authentication 		CVE-2011-4677 2024-11-21 10:32 2011-12-6 Show GitHub Exploit DB Packet Storm
294663 - oneclickorgs one_click_orgs One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticated users to cause a denial of service (login disruption) or spoof votes or comme… CWE-255
Credentials Management 		CVE-2011-4555 2024-11-21 10:32 2011-12-6 Show GitHub Exploit DB Packet Storm
294664 - oneclickorgs one_click_orgs One Click Orgs before 1.2.3 allows remote authenticated users to trigger crafted SMTP traffic via (1) " (double quote) and newline characters in an org name or (2) " (double quote) characters in an e… CWE-20
 Improper Input Validation  		CVE-2011-4554 2024-11-21 10:32 2011-12-6 Show GitHub Exploit DB Packet Storm
294665 - oneclickorgs one_click_orgs Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 allow (1) remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the return_to parameter, and… CWE-20
 Improper Input Validation  		CVE-2011-4553 2024-11-21 10:32 2011-12-6 Show GitHub Exploit DB Packet Storm
294666 - oneclickorgs one_click_orgs Multiple cross-site scripting (XSS) vulnerabilities in One Click Orgs before 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the description field of (1) a new vote or (2) the… CWE-79
Cross-site Scripting 		CVE-2011-4552 2024-11-21 10:32 2011-12-6 Show GitHub Exploit DB Packet Storm
294667 - widelands widelands The pathname canonicalization functionality in io/filesystem/filesystem.cc in Widelands before 15.1 expands leading ~ (tilde) characters to home-directory pathnames but does not restrict use of these… CWE-22
Path Traversal 		CVE-2011-4675 2024-11-21 10:32 2011-12-5 Show GitHub Exploit DB Packet Storm
294668 - celeryproject celery Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-4356 2024-11-21 10:32 2011-12-5 Show GitHub Exploit DB Packet Storm
294669 - oscommerce oscommerce Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) set or (2) module parameter to (a) O… CWE-22
Path Traversal 		CVE-2011-4543 2024-11-21 10:32 2011-12-5 Show GitHub Exploit DB Packet Storm
294670 - zabbix zabbix SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the only_hostid parameter. CWE-89
SQL Injection 		CVE-2011-4674 2024-11-21 10:32 2011-12-3 Show GitHub Exploit DB Packet Storm