Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253431	5.8	警告	サン・マイクロシステムズ GNOME Project レッドハット	-	Evolution Data Server (別名 evolution-data-server) の ntlm_challenge 関数におけるプロセスメモリ情報の漏洩またはサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-0582	2010-05-14 18:37	2009-03-14	Show	GitHub Exploit DB Packet Storm

253432	1.2	注意	日本電気サイバートラスト株式会社サン・マイクロシステムズターボリナックス OpenSSL Project レッドハット	-	RSA key reconstruction vulnerability	-	CVE-2007-3108	2010-05-14 18:37	2007-08-16	Show	GitHub Exploit DB Packet Storm

253433	5	警告	ヒューレット・パッカードサイバートラスト株式会社 OpenSSL Project ターボリナックスレッドハット	-	OpenSSL の zlib_stateful_finish 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-4355	2010-05-13 17:21	2010-01-13	Show	GitHub Exploit DB Packet Storm

253434	9.3	危険	日立	-	XMAP3 における任意のコードが実行される脆弱性	CWE-noinfo 情報不足	-	2010-05-13 15:14	2010-04-12	Show	GitHub Exploit DB Packet Storm

253435	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Plan In-Season コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0863	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

253436	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Place In-Season コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0864	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

253437	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Markdown Optimization コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0862	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

253438	4.3	警告	オラクル	-	Oracle Industry Product Suite の Life Sciences - Oracle Thesaurus Management System コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0875	2010-05-13 15:12	2010-04-13	Show	GitHub Exploit DB Packet Storm

253439	4.3	警告	オラクル	-	Oracle Industry Product Suite の Life Sciences - Oracle Clinical Remote Data Capture Option コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0876	2010-05-13 15:12	2010-04-13	Show	GitHub Exploit DB Packet Storm

253440	4.3	警告	オラクル	-	Oracle Industry Product Suite の Communications - Oracle Communications Unified Inventory Management コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0874	2010-05-13 15:12	2010-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266701	7.5	HIGH Network	microsoft	.net_framework	WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to obtain sensitive information from process memory via crafted icon data, aka "Windows Forms I…	CWE-200 Information Exposure	CVE-2016-0047	2024-11-21 11:40	2016-02-10	Show	GitHub Exploit DB Packet Storm

266702	7.8	HIGH Local	microsoft	windows_server_2012 windows_8.1 windows_10	Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Reader file, aka "Microsoft Windows Reader Vul…	CWE-20 Improper Input Validation	CVE-2016-0046	2024-11-21 11:40	2016-02-10	Show	GitHub Exploit DB Packet Storm

266703	7.5	HIGH Network	microsoft	windows_server_2012 windows_8.1 windows_rt_8.1	Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows remote attackers to cause a denial of service (SyncShareSvc service outage) via crafted "change batch" data,…	CWE-20 Improper Input Validation	CVE-2016-0044	2024-11-21 11:40	2016-02-10	Show	GitHub Exploit DB Packet Storm

266704	7.8	HIGH Local	microsoft	windows_rt_8.1 windows_server_2012 windows_7 windows_10 windows_8.1 windows_server_2008 windows_vista	Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which…	NVD-CWE-Other	CVE-2016-0042	2024-11-21 11:40	2016-02-10	Show	GitHub Exploit DB Packet Storm

266705	7.8	HIGH Local	microsoft	windows_rt_8.1 internet_explorer windows_server_2012 windows_7 windows_10 windows_8.1 windows_server_2008 windows_vista	Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11…	NVD-CWE-Other	CVE-2016-0041	2024-11-21 11:40	2016-02-10	Show	GitHub Exploit DB Packet Storm

266706	6.1	MEDIUM Network	microsoft	sharepoint_foundation	Cross-site scripting (XSS) vulnerability in SharePoint Server in Microsoft SharePoint Foundation 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Mi…	CWE-79 Cross-site Scripting	CVE-2016-0039	2024-11-21 11:40	2016-02-10	Show	GitHub Exploit DB Packet Storm

266707	7.8	HIGH Local	microsoft	windows_server_2008 windows_server_2012 windows_10 windows_8.1 windows_7 windows_vista	Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers t…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-0038	2024-11-21 11:40	2016-02-10	Show	GitHub Exploit DB Packet Storm

266708	7.5	HIGH Network	microsoft	windows_server_2012	The forms-based authentication implementation in Active Directory Federation Services (ADFS) 3.0 in Microsoft Windows Server 2012 R2 allows remote attackers to cause a denial of service (daemon outag…	CWE-20 Improper Input Validation	CVE-2016-0037	2024-11-21 11:40	2016-02-10	Show	GitHub Exploit DB Packet Storm

266709	8.1	HIGH Network	microsoft	windows_server_2012 windows_8.1 windows_7 windows_10	The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote authenticated users to execute arbitrary code v…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-0036	2024-11-21 11:40	2016-02-10	Show	GitHub Exploit DB Packet Storm

266710	7.5	HIGH Network	microsoft	.net_framework	Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 does not prevent recursive compilation of XSLT transforms, which allows remote attackers to cause a denial of service (performance …	CWE-94 Code Injection	CVE-2016-0033	2024-11-21 11:40	2016-02-10	Show	GitHub Exploit DB Packet Storm