Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253251	4.4	警告	アップル	-	Apple Mac OS X の DesktopServices におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0545	2010-07-8 18:26	2010-06-15	Show	GitHub Exploit DB Packet Storm

253252	10	危険	ヒューレット・パッカード SGI IBM	-	rpc.pcnfsd の _msgout 関数における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-1039	2010-07-8 18:03	2010-05-18	Show	GitHub Exploit DB Packet Storm

253253	1.2	注意	IBM OpenBSD	-	OpenSSH における X11 転送ポートをハイジャックされる脆弱性	CWE-200 情報漏えい	CVE-2008-3259	2010-07-7 16:40	2008-07-22	Show	GitHub Exploit DB Packet Storm

253254	4.3	警告	アップルサイバートラスト株式会社レッドハット SquirrelMail Project	-	SquirrelMail におけるユーザインターフェースを偽装される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1581	2010-07-6 19:19	2009-05-12	Show	GitHub Exploit DB Packet Storm

253255	6.8	警告	アップル SquirrelMail Project	-	SquirrelMail におけるセッション固定の脆弱性	CWE-287 不適切な認証	CVE-2009-1580	2010-07-6 19:18	2009-05-11	Show	GitHub Exploit DB Packet Storm

253256	6.8	警告	アップルサイバートラスト株式会社レッドハット SquirrelMail Project	-	SquirrelMail における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-1579	2010-07-6 19:18	2009-05-10	Show	GitHub Exploit DB Packet Storm

253257	4.3	警告	アップルサイバートラスト株式会社レッドハット SquirrelMail Project	-	SquirrelMail におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1578	2010-07-6 19:18	2009-05-8	Show	GitHub Exploit DB Packet Storm

253258	8.5	危険	マイクロソフト	-	Microsoft IIS における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1256	2010-07-5 17:52	2010-06-8	Show	GitHub Exploit DB Packet Storm

253259	4	警告	マイクロソフト	-	Microsoft Windows SharePoint Services におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-1264	2010-07-5 17:52	2010-06-8	Show	GitHub Exploit DB Packet Storm

253260	6.9	警告	マイクロソフト	-	Open XML File Format Converter のインストールにおける任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1254	2010-07-5 17:52	2010-06-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
251251	6.5	MEDIUM Network	garycourt	uri-js	uri-js is a module that tries to fully implement RFC 3986. One of these features is validating whether or not a supplied URL is valid or not. To do this, uri-js uses a regular expression, This regula…	CWE-1333 Inefficient Regular Expression Complexity	CVE-2017-16021	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

251252	9.8	CRITICAL Network	summit_project	summit	Summit is a node web framework. When using the PouchDB driver in the module, Summit 0.1.0 and later allows an attacker to execute arbitrary commands via the collection name.	CWE-94 Code Injection	CVE-2017-16020	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

251253	6.1	MEDIUM Network	gitbook	gitbook	GitBook is a command line tool (and Node.js library) for building beautiful books using GitHub/Git and Markdown (or AsciiDoc). Stored Cross-Site-Scripting (XSS) is possible in GitBook before 3.2.2 by…	CWE-79 Cross-site Scripting	CVE-2017-16019	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

251254	6.1	MEDIUM Network	restify	restify	Restify is a framework for building REST APIs. Restify >=2.0.0 <=4.0.4 using URL encoded script tags in a non-existent URL, an attacker can get script to run in some browsers.	CWE-79 Cross-site Scripting	CVE-2017-16018	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

251255	6.1	MEDIUM Network	punkave	sanitize-html	sanitize-html is a library for scrubbing html input for malicious values Versions 1.2.2 and below have a cross site scripting vulnerability.	CWE-79 Cross-site Scripting	CVE-2017-16017	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

251256	6.1	MEDIUM Network	punkave	sanitize-html	Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios: If allowed at least one nonTextTa…	CWE-79 Cross-site Scripting	CVE-2017-16016	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

251257	6.1	MEDIUM Network	forms_project	forms	Forms is a library for easily creating HTML forms. Versions before 1.3.0 did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms m…	CWE-79 Cross-site Scripting	CVE-2017-16015	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

251258	7.5	HIGH Network	http-proxy_project	http-proxy	Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.	CWE-388 7PK - Errors	CVE-2017-16014	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

251259	7.5	HIGH Network	hapijs	hapi	hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed `accept-encoding` header an uncaught exception is thrown. This may cause hapi to crash or to han…	CWE-20 Improper Input Validation	CVE-2017-16013	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

251260	6.1	MEDIUM Network	ag-grid	ag-grid	ag-grid is an advanced data grid that is library agnostic. ag-grid is vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if AngularJS is used in combination with ag-grid.	CWE-79 Cross-site Scripting	CVE-2017-16009	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed