Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253661	7.8	危険	シスコシステムズ	-	CSG2 上で稼働する Cisco IOS におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2011-0349	2011-02-22 13:47	2011-01-26	Show	GitHub Exploit DB Packet Storm

253662	6.4	警告	シスコシステムズ	-	CSG2 上で稼働する Cisco IOS におけるアクセスおよび課金などの制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-0348	2011-02-22 13:44	2011-01-26	Show	GitHub Exploit DB Packet Storm

253663	4.3	警告	Google	-	Android の com.android.phone プロセスにおけるサービス運用妨害 (DoS) 脆弱性	CWE-noinfo 情報不足	CVE-2009-2999	2011-02-22 11:32	2009-10-14	Show	GitHub Exploit DB Packet Storm

253664	5	警告	Google	-	Android の com.android.phone プロセスにおけるサービス運用妨害 (DoS) 脆弱性	CWE-noinfo 情報不足	CVE-2009-2656	2011-02-22 11:28	2009-08-3	Show	GitHub Exploit DB Packet Storm

253665	7.5	危険	OpenBSD	-	OpenSSH における共有秘密鍵の認証要求を回避される脆弱性	CWE-287 不適切な認証	CVE-2010-4478	2011-02-21 16:53	2010-12-6	Show	GitHub Exploit DB Packet Storm

253666	5	警告	レッドハット	-	IcedTea における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-3860	2011-02-21 16:53	2010-12-8	Show	GitHub Exploit DB Packet Storm

253667	6.8	警告	レッドハット	-	IcedTea の JNLP SecurityManager におけるセキュリティポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-4351	2011-02-21 14:58	2011-01-20	Show	GitHub Exploit DB Packet Storm

253668	4.3	警告	シマンテック	-	Symantec Norton Mobile Security for Android における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-0113	2011-02-21 14:55	2010-11-15	Show	GitHub Exploit DB Packet Storm

253669	4.3	警告	Google	-	Android の Dalvik API におけるサービス運用妨害 (DoS) 脆弱性	CWE-noinfo 情報不足	CVE-2009-3698	2011-02-21 14:54	2009-10-14	Show	GitHub Exploit DB Packet Storm

253670	5	警告	CollabNet, Inc.	-	CollabNet ScrumWorks Basic Server における認証情報取り扱いに関する問題	CWE-310 暗号の問題	CVE-2011-0410	2011-02-21 14:54	2011-01-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
4901	7.8	HIGH Local	getcomposer	composer	Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::generateP4Command() method, which constructs she…	CWE-20 CWE-78 Improper Input Validation OS Command	CVE-2026-40176	2026-04-26 03:24	2026-04-16	Show	GitHub Exploit DB Packet Storm

4902	6.1	MEDIUM Network	apostrophecms	apostrophecms sanitize-html	ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package bypasse…	CWE-79 Cross-site Scripting	CVE-2026-40186	2026-04-26 03:15	2026-04-16	Show	GitHub Exploit DB Packet Storm

4903	8.8	HIGH Network	getcomposer	composer	Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::syncCodeBase() method, which appends the $source…	CWE-20 CWE-78 Improper Input Validation OS Command	CVE-2026-40261	2026-04-26 03:12	2026-04-16	Show	GitHub Exploit DB Packet Storm

4904	8.1	HIGH Network	hashicorp	vault	An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulne…	CWE-288 Authentication Bypass Using an Alternate Path or Channel	CVE-2026-3605	2026-04-26 03:08	2026-04-17	Show	GitHub Exploit DB Packet Storm

4905	9.8	CRITICAL Network	hcltech	aion	HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise.	CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax	CVE-2025-52660	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm

4906	9.8	CRITICAL Network	hcltech	aion	HCL AION está afectado por una vulnerabilidad de carga de archivos sin restricciones. Esto puede permitir cargas de archivos maliciosos, lo que podría resultar en ejecución de código no autorizada o …	CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax	CVE-2025-52660	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm

4907	5.3	MEDIUM Network	hcltech	aion	HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application’s overall security posture and increase its susceptibili…	CWE-693 Protection Mechanism Failure	CVE-2025-55249	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm

4908	5.3	MEDIUM Network	hcltech	aion	HCL AION está afectado por una vulnerabilidad de encabezados de respuesta de seguridad faltantes. La ausencia de encabezados de seguridad estándar puede debilitar la postura de seguridad general de l…	CWE-693 Protection Mechanism Failure	CVE-2025-55249	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm

4909	9.8	CRITICAL Network	hcltech	aion	HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2025-55251	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm

4910	9.8	CRITICAL Network	hcltech	aion	HCL AION está afectado por una vulnerabilidad de carga de archivos sin restricciones. Esto puede permitir cargas de archivos maliciosos, lo que podría resultar en ejecución de código no autorizada o …	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2025-55251	2026-04-26 03:05	2026-01-20	Show	GitHub Exploit DB Packet Storm