Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253391 4.3 警告 Mozilla Foundation
レッドハット		 - 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0171 2010-04-5 14:54 2010-03-23 Show GitHub Exploit DB Packet Storm
253392 4.3 警告 Mozilla Foundation - Mozilla Firefox における同一生成元ポリシーを回避される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0170 2010-04-5 14:53 2010-03-23 Show GitHub Exploit DB Packet Storm
253393 7.5 危険 Heartlogic - HL-SiteManager における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1331 2010-04-2 15:02 2010-04-2 Show GitHub Exploit DB Packet Storm
253394 9.3 危険 Mozilla Foundation - Mozilla Firefox の Web Open Fonts Format デコーダ における整数オーバーフローの脆弱性 CWE-noinfo
情報不足 		CVE-2010-1028 2010-04-2 14:05 2010-03-19 Show GitHub Exploit DB Packet Storm
253395 5 警告 富士通
アクセラテクノロジ		 - Accela BizSearch のローカル収集におけるアクセス権限に関する脆弱性 CWE-200
情報漏えい 		- 2010-04-2 14:05 2010-03-10 Show GitHub Exploit DB Packet Storm
253396 1.9 注意 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel における SCSI ホストの属性に任意の変更を加えられる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3556 2010-04-2 14:02 2010-01-19 Show GitHub Exploit DB Packet Storm
253397 10 危険 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の e1000e ドライバにおけるイーサネットフレームの処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2009-4538 2010-04-2 14:02 2010-01-12 Show GitHub Exploit DB Packet Storm
253398 6.6 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の poll_mode_io ファイルにおけるドライバの I/O モードを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3939 2010-04-2 14:00 2009-11-16 Show GitHub Exploit DB Packet Storm
253399 6.6 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel におけるドライバの動作およびログレベルを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3889 2010-04-2 14:00 2009-11-16 Show GitHub Exploit DB Packet Storm
253400 7.8 危険 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の hfs サブシステムにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4020 2010-04-2 13:59 2009-12-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
309021 3.9 LOW
Physics 		redhat
opensc_project 		enterprise_linux
opensc 		A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When … CWE-120
Classic Buffer Overflow 		CVE-2024-45620 2024-09-20 04:21 2024-09-4 Show GitHub Exploit DB Packet Storm
309022 6.5 MEDIUM
Network 		eaton foreseer_electrical_power_monitoring_system The Eaton Foreseer software provides multiple customizable input fields for the users to configure parameters in the tool like alarms, reports, etc. Some of these input fields were not checking the l… CWE-1284
 Improper Validation of Specified Quantity in Input 		CVE-2024-31416 2024-09-20 04:06 2024-09-14 Show GitHub Exploit DB Packet Storm
309023 8.1 HIGH
Network 		eaton foreseer_electrical_power_monitoring_system The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc. The software uses encryption to… CWE-522
 Insufficiently Protected Credentials 		CVE-2024-31415 2024-09-20 03:50 2024-09-14 Show GitHub Exploit DB Packet Storm
309024 6.1 MEDIUM
Network 		eaton foreseer_electrical_power_monitoring_system The Eaton Foreseer software provides users the capability to customize the dashboard in WebView pages. However, the input fields for this feature in the Eaton Foreseer software lacked proper input sa… CWE-79
Cross-site Scripting 		CVE-2024-31414 2024-09-20 03:48 2024-09-14 Show GitHub Exploit DB Packet Storm
309025 8.1 HIGH
Network 		lunary lunary A Cross-Site Request Forgery (CSRF) vulnerability exists in lunary-ai/lunary version 1.2.34 due to overly permissive CORS settings. This vulnerability allows an attacker to sign up for and create pro… CWE-352
 Origin Validation Error 		CVE-2024-6862 2024-09-20 03:37 2024-09-14 Show GitHub Exploit DB Packet Storm
309026 6.5 MEDIUM
Network 		lunary lunary An information disclosure vulnerability exists in the lunary-ai/lunary, specifically in the `runs/{run_id}/related` endpoint. This endpoint does not verify that the user has the necessary access righ… CWE-1220
 Insufficient Granularity of Access Control 		CVE-2024-6867 2024-09-20 03:28 2024-09-14 Show GitHub Exploit DB Packet Storm
309027 9.8 CRITICAL
Network 		arm mbed_tls An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in… CWE-295
Improper Certificate Validation  		CVE-2024-45159 2024-09-20 03:26 2024-09-6 Show GitHub Exploit DB Packet Storm
309028 4.8 MEDIUM
Network 		peepso peepso The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.4.5.0 due t… CWE-79
Cross-site Scripting 		CVE-2024-7655 2024-09-20 03:20 2024-09-10 Show GitHub Exploit DB Packet Storm
309029 4.8 MEDIUM
Network 		peepso peepso The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter in all versions up to, … CWE-79
Cross-site Scripting 		CVE-2024-7618 2024-09-20 03:20 2024-09-10 Show GitHub Exploit DB Packet Storm
309030 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer … CWE-476
 NULL Pointer Dereference 		CVE-2024-46694 2024-09-20 03:16 2024-09-13 Show GitHub Exploit DB Packet Storm