Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252901 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0029 2010-03-2 11:26 2010-02-9 Show GitHub Exploit DB Packet Storm
252902 10 危険 マイクロソフト - Microsoft Office の MSO.DLL におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0243 2010-03-1 11:37 2010-02-9 Show GitHub Exploit DB Packet Storm
252903 9.3 危険 マイクロソフト - Microsoft DirectX の DirectShow におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0250 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
252904 7.8 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0242 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
252905 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0241 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
252906 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0240 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
252907 10 危険 マイクロソフト - Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0239 2010-03-1 11:36 2010-02-9 Show GitHub Exploit DB Packet Storm
252908 9.3 危険 マイクロソフト - Microsoft Windows の SMB クライアント実装における権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-0017 2010-03-1 11:35 2010-02-9 Show GitHub Exploit DB Packet Storm
252909 9.3 危険 マイクロソフト - Microsoft Windows の SMB クライアント実装における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0016 2010-03-1 11:35 2010-02-9 Show GitHub Exploit DB Packet Storm
252910 5 警告 日立 - uCosminexus Portal Framework におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2010-02-26 11:36 2010-01-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
251711 6.5 MEDIUM
Network 		gridgain gridgain Directory traversal vulnerability in the Visor GUI Console in GridGain before 1.7.16, 1.8.x before 1.8.12, 1.9.x before 1.9.7, and 8.x before 8.1.5 allows remote authenticated users to read arbitrary… CWE-22
Path Traversal 		CVE-2017-14614 2024-11-21 12:13 2017-10-10 Show GitHub Exploit DB Packet Storm
251712 7.5 HIGH
Network 		digium asterisk
certified_asterisk 		In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allo… CWE-200
Information Exposure 		CVE-2017-14603 2024-11-21 12:13 2017-10-10 Show GitHub Exploit DB Packet Storm
251713 5.4 MEDIUM
Network 		identicard two-reader_controller_configuration_manager IDenticard Two-Reader Controller Configuration Manager 1.18.8 (396) is vulnerable to Stored Cross-Site Scripting (XSS) via the notes field in /~user_handler?file=logged_in.shtm (aka the edit user pag… CWE-79
Cross-site Scripting 		CVE-2017-14973 2024-11-21 12:13 2017-10-9 Show GitHub Exploit DB Packet Storm
251714 7.5 HIGH
Network 		infocus mondopad InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file. CWE-287
Improper Authentication 		CVE-2017-14972 2024-11-21 12:13 2017-10-9 Show GitHub Exploit DB Packet Storm
251715 5.5 MEDIUM
Local 		infocuscorp infocus_mondopad Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated w… CWE-200
Information Exposure 		CVE-2017-14971 2024-11-21 12:13 2017-10-9 Show GitHub Exploit DB Packet Storm
251716 5.5 MEDIUM
Local 		lame_project lame LAME 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4, 3.99.5, 3.98.4, 3.98.2 and 3.98 has a heap-based buffer over-read in fill_buffer in libmp3lame/util.c, related to lame_encode_buffer_sample_t in libmp3lame/… CWE-125
Out-of-bounds Read 		CVE-2017-15045 2024-11-21 12:13 2017-10-6 Show GitHub Exploit DB Packet Storm
251717 5.9 MEDIUM
Network 		golang go An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. T… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2017-15042 2024-11-21 12:13 2017-10-6 Show GitHub Exploit DB Packet Storm
251718 9.8 CRITICAL
Network 		golang
debian
redhat 		go
debian_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_eus
enterprise_linux_tus
developer_tools 		Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but … NVD-CWE-noinfo
CVE-2017-15041 2024-11-21 12:13 2017-10-6 Show GitHub Exploit DB Packet Storm
251719 8.1 HIGH
Network 		freebsd freebsd In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' cha… CWE-362
CWE-125
Race Condition
Out-of-bounds Read 		CVE-2017-15037 2024-11-21 12:13 2017-10-5 Show GitHub Exploit DB Packet Storm
251720 7.5 HIGH
Network 		emtec pyrobatchftp EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash). CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-15035 2024-11-21 12:13 2017-10-5 Show GitHub Exploit DB Packet Storm