Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 2, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253551	6.9	警告	mielke レッドハット	-	brltty の libbrlttybba.so における権限昇格の脆弱性	CWE-264 CWE-Other	CVE-2008-3279	2010-04-21 17:47	2010-03-30	Show	GitHub Exploit DB Packet Storm

253552	4.3	警告	Mozilla Foundation	-	Mozilla Firefox/SeaMonkey におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0181	2010-04-20 16:42	2010-03-30	Show	GitHub Exploit DB Packet Storm

253553	5.8	警告	サイボウズ	-	複数のサイボウズ製品におけるアクセス制限に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-2029	2010-04-20 12:01	2010-04-20	Show	GitHub Exploit DB Packet Storm

253554	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer の Tabular Data Control ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0805	2010-04-19 19:20	2010-03-30	Show	GitHub Exploit DB Packet Storm

253555	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0491	2010-04-19 19:19	2010-03-30	Show	GitHub Exploit DB Packet Storm

253556	4.3	警告	マイクロソフト	-	Microsoft Internet Explorer における同一生成元ポリシーを回避される脆弱性	CWE-200 情報漏えい	CVE-2010-0494	2010-04-19 19:19	2010-03-30	Show	GitHub Exploit DB Packet Storm

253557	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer の mstime.dll における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0492	2010-04-19 19:19	2010-03-30	Show	GitHub Exploit DB Packet Storm

253558	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0490	2010-04-19 19:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

253559	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0807	2010-04-19 19:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

253560	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-362 競合状態	CVE-2010-0489	2010-04-19 19:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
272741	8.8	HIGH Network	atutor	atutor	Multiple cross-site request forgery (CSRF) vulnerabilities in ATutor 2.2 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account vi…	CWE-352 Origin Validation Error	CVE-2015-1583	2024-11-21 11:25	2020-03-3	Show	GitHub Exploit DB Packet Storm

272742	9.8	CRITICAL Network	jakweb	gecko_cms	JAKWEB Gecko CMS has Multiple Input Validation Vulnerabilities	CWE-20 Improper Input Validation	CVE-2015-1425	2024-11-21 11:25	2020-02-18	Show	GitHub Exploit DB Packet Storm

272743	5.4	MEDIUM Network	10web	photo_gallery	Multiple cross-site scripting (XSS) vulnerabilities in the Photo Gallery plugin before 1.2.11 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) sort_by…	CWE-79 Cross-site Scripting	CVE-2015-1394	2024-11-21 11:25	2020-02-9	Show	GitHub Exploit DB Packet Storm

272744	7.8	HIGH Local	google	android	media/libmedia/IAudioPolicyService.cpp in Android before 5.1 allows attackers to execute arbitrary code with media_server privileges or cause a denial of service (integer overflow) via a crafted appl…	CWE-190 Integer Overflow or Wraparound	CVE-2015-1530	2024-11-21 11:25	2020-01-25	Show	GitHub Exploit DB Packet Storm

272745	5.5	MEDIUM Local	google	android	audio/AudioPolicyManagerBase.cpp in Android before 5.1 allows attackers to cause a denial of service (audio_policy application outage) via a crafted application that provides a NULL device address.	CWE-20 Improper Input Validation	CVE-2015-1525	2024-11-21 11:25	2020-01-25	Show	GitHub Exploit DB Packet Storm

272746	7.5	HIGH Network	gnu debian	patch debian_linux	A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an in…	CWE-22 Path Traversal	CVE-2015-1396	2024-11-21 11:25	2019-11-26	Show	GitHub Exploit DB Packet Storm

272747	5.5	MEDIUM Local	gnupg canonical	gnupg ubuntu_linux	kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (inval…	CWE-20 Improper Input Validation	CVE-2015-1607	2024-11-21 11:25	2019-11-21	Show	GitHub Exploit DB Packet Storm

272748	5.5	MEDIUM Local	gnupg debian	gnupg debian_linux	The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.	CWE-416 Use After Free	CVE-2015-1606	2024-11-21 11:25	2019-11-21	Show	GitHub Exploit DB Packet Storm

272749	5.3	MEDIUM Network	canonical	ubuntu_linux	All versions of unity-scope-gdrive logs search terms to syslog.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2015-1343	2024-11-21 11:25	2019-04-23	Show	GitHub Exploit DB Packet Storm

272750	7.8	HIGH Local	canonical	ubuntu_linux apport	Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-1341	2024-11-21 11:25	2019-04-23	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed