Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253561 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0267 2010-04-19 19:18 2010-03-30 Show GitHub Exploit DB Packet Storm
253562 10 危険 アップル - Apple Mac OS X の xar におけるパッケージ署名の検証処理に関する脆弱性 CWE-DesignError
CVE-2010-0055 2010-04-16 16:59 2010-03-29 Show GitHub Exploit DB Packet Storm
253563 0 注意 アップル - Apple Mac OS X の Wiki サーバにおけるコンテンツを公開される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0534 2010-04-16 16:58 2010-03-29 Show GitHub Exploit DB Packet Storm
253564 5 警告 アップル - Apple Mac OS X の Wiki サーバにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-0523 2010-04-16 16:58 2010-03-29 Show GitHub Exploit DB Packet Storm
253565 9 危険 アップル - Apple Mac OS X のサーバ管理における管理者権限の処理に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0522 2010-04-16 16:58 2010-03-29 Show GitHub Exploit DB Packet Storm
253566 5 警告 アップル - Apple Mac OS X のサーバ管理における重要な情報を取得される脆弱性 CWE-287
不適切な認証 		CVE-2010-0521 2010-04-16 16:58 2010-03-29 Show GitHub Exploit DB Packet Storm
253567 4.3 警告 アップル
Ruby on Rails project		 - Ruby on Rails の strip_tags 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4214 2010-04-16 16:58 2009-12-7 Show GitHub Exploit DB Packet Storm
253568 4.3 警告 アップル
Ruby on Rails project		 - Ruby on Rails におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3009 2010-04-16 16:58 2009-09-8 Show GitHub Exploit DB Packet Storm
253569 7.5 危険 アップル
Ruby on Rails project		 - Ruby on Rails のダイジェスト認証における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2009-2422 2010-04-16 16:57 2009-07-10 Show GitHub Exploit DB Packet Storm
253570 6.8 警告 アップル - Apple Mac OS X の QuickTime におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0526 2010-04-16 16:57 2010-03-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
304121 - - - The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6-RC1 for Android allows an attacker to execute arbitrary JavaScript code via the allvideo.downloader.bro… - CVE-2024-46965 2024-11-13 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm
304122 - - - EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities. - CVE-2024-36061 2024-11-13 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm
304123 - - - An XML External Entity (XXE) vulnerability in the component DocumentBuilderFactory of powertac-server v1.9.0 allows attackers to access sensitive information or execute arbitrary code via supplying a… - CVE-2024-51135 2024-11-13 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm
304124 - - - The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm/formIPv6Addr, /boafrm/formIpv6Setup, /boafrm/formDnsv6. The reason is that the check of ipv6 address is not … - CVE-2024-50667 2024-11-13 02:35 2024-11-12 Show GitHub Exploit DB Packet Storm
304125 9.8 CRITICAL
Network 		gl-inet mt6000_firmware
a1300_firmware
x300b_firmware
ax1800_firmware
axt1800_firmware
mt2500_firmware
mt3000_firmware
x3000_firmware
xe3000_firmware
xe300_firmware
e750_firmwar… 		GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3… CWE-22
Path Traversal 		CVE-2024-39226 2024-11-13 02:35 2024-08-7 Show GitHub Exploit DB Packet Storm
304126 - - - Element is a Matrix web client built using the Matrix React SDK. Element Web versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access… - CVE-2024-47779 2024-11-13 02:15 2024-10-16 Show GitHub Exploit DB Packet Storm
304127 - - - An exploit is possible where an actor with physical access can manipulate SPI flash without being detected. - CVE-2024-33660 2024-11-13 01:35 2024-11-13 Show GitHub Exploit DB Packet Storm
304128 - - - Persistent and reflected XSS vulnerabilities in the themeMode cookie and _h URL parameter of Axigen Mail Server up to version 10.5.28 allow attackers to execute arbitrary Javascript. Exploitation cou… - CVE-2024-50601 2024-11-13 01:35 2024-11-12 Show GitHub Exploit DB Packet Storm
304129 - - - The Ikhgur mn.ikhgur.khotoch (aka Video Downloader Pro & Browser) application through 1.0.42 for Android allows an attacker to execute arbitrary JavaScript code via the mn.ikhgur.khotoch.MainActivity… - CVE-2024-46966 2024-11-13 01:35 2024-11-12 Show GitHub Exploit DB Packet Storm
304130 - - - The com.video.downloader.all (aka All Video Downloader) application through 11.28 for Android allows an attacker to execute arbitrary JavaScript code via the com.video.downloader.all.StartActivity co… - CVE-2024-46964 2024-11-13 01:35 2024-11-12 Show GitHub Exploit DB Packet Storm