Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253341	4.3	警告	アドビシステムズ	-	Adobe ColdFusion におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3467	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

253342	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の pami RIFF chunk 構文解析における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-1292	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

253343	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1291	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

253344	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1290	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

253345	9.3	危険	ジャストシステム	-	一太郎シリーズにおける任意のコードが実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-2152	2010-06-1 16:01	2010-06-1	Show	GitHub Exploit DB Packet Storm

253346	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1289	2010-06-1 15:45	2010-05-11	Show	GitHub Exploit DB Packet Storm

253347	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1288	2010-06-1 15:45	2010-05-11	Show	GitHub Exploit DB Packet Storm

253348	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1287	2010-06-1 15:45	2010-05-11	Show	GitHub Exploit DB Packet Storm

253349	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1286	2010-06-1 15:44	2010-05-11	Show	GitHub Exploit DB Packet Storm

253350	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1284	2010-06-1 15:44	2010-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
279131	-		gnupg debian opensuse	gnupg debian_linux opensuse	The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed …	CWE-20 Improper Input Validation	CVE-2014-4617	2024-11-21 11:10	2014-06-25	Show	GitHub Exploit DB Packet Storm

279132	-		phpmyadmin	phpmyadmin	Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ta…	CWE-79 Cross-site Scripting	CVE-2014-4349	2024-11-21 11:10	2014-06-25	Show	GitHub Exploit DB Packet Storm

279133	-		phpmyadmin	phpmyadmin	Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) tab…	CWE-79 Cross-site Scripting	CVE-2014-4348	2024-11-21 11:10	2014-06-25	Show	GitHub Exploit DB Packet Storm

279134	-		linux canonical	linux_kernel ubuntu_linux	arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of se…	CWE-189 Numeric Errors	CVE-2014-4508	2024-11-21 11:10	2014-06-23	Show	GitHub Exploit DB Packet Storm

279135	-		netiq	identity_manager	The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirecto…	NVD-CWE-Other	CVE-2014-4509	2024-11-21 11:10	2014-06-22	Show	GitHub Exploit DB Packet Storm

279136	-		theforeman	foreman	Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the dst parameter to tftp/fe…	CWE-22 Path Traversal	CVE-2014-4507	2024-11-21 11:10	2014-06-20	Show	GitHub Exploit DB Packet Storm

279137	-		louis_jimenez	custom_meta	Cross-site scripting (XSS) vulnerability in the Custom Meta module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer custom meta sett…	CWE-79 Cross-site Scripting	CVE-2014-4506	2024-11-21 11:10	2014-06-20	Show	GitHub Exploit DB Packet Storm

279138	-		roger_padilla_camacho	easy_breadcrumb	Cross-site scripting (XSS) vulnerability in the Easy Breadcrumb module 7.x-2.x before 7.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2014-4505	2024-11-21 11:10	2014-06-20	Show	GitHub Exploit DB Packet Storm

279139	7.5	HIGH Network	zte	zxv10_w300_firmware	ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direc…	CWE-200 Information Exposure	CVE-2014-4019	2024-11-21 11:09	2020-02-21	Show	GitHub Exploit DB Packet Storm

279140	9.8	CRITICAL Network	freebsd	freebsd	OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error reported when an include directive refers to a policy that does not exist, which causes the loaded policy chain to no be discard…	CWE-287 Improper Authentication	CVE-2014-3879	2024-11-21 11:09	2020-02-19	Show	GitHub Exploit DB Packet Storm