Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254071 9.3 危険 アドビシステムズ - Adobe Photoshop CS4 におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1296 2010-06-15 18:25 2010-05-26 Show GitHub Exploit DB Packet Storm
254072 5 警告 日立 - Groupmax World Wide Web Desktop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2010-06-14 16:24 2010-05-26 Show GitHub Exploit DB Packet Storm
254073 4.3 警告 日立 - Hitachi Web Server の SSL クライアント認証における CRL 失効確認不可の脆弱性 CWE-287
不適切な認証 		- 2010-06-14 16:24 2010-05-17 Show GitHub Exploit DB Packet Storm
254074 5 警告 日立 - TP1/Message Control におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		- 2010-06-14 16:23 2010-05-17 Show GitHub Exploit DB Packet Storm
254075 10 危険 日立
CA Technologies		 - CA XOsoft におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1223 2010-06-14 16:23 2010-04-6 Show GitHub Exploit DB Packet Storm
254076 5 警告 日立
CA Technologies		 - CA XOsoft における重要な情報を取得される脆弱性 CWE-287
不適切な認証 		CVE-2010-1222 2010-06-14 16:23 2010-04-6 Show GitHub Exploit DB Packet Storm
254077 5 警告 日立
CA Technologies		 - CA XOsoft におけるユーザ名を列挙される脆弱性 CWE-287
不適切な認証 		CVE-2010-1221 2010-06-14 16:23 2010-04-6 Show GitHub Exploit DB Packet Storm
254078 6.8 警告 フェンリル株式会社 - ActiveGeckoBrowser における複数の脆弱性 CWE-Other
その他 		CVE-2010-2420 2010-06-14 12:01 2010-06-14 Show GitHub Exploit DB Packet Storm
254079 6.8 警告 サン・マイクロシステムズ
GNU Project
ターボリナックス
サイバートラスト株式会社
レッドハット		 - GNU tar および GNU cpio の rmt_read__ 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0624 2010-06-11 18:45 2010-03-15 Show GitHub Exploit DB Packet Storm
254080 3.5 注意 PostgreSQL.org
サイバートラスト株式会社
レッドハット		 - PostgreSQL における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-0733 2010-06-9 16:54 2010-03-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
252441 9.8 CRITICAL
Network 		finecms finecms v5/config/system.php in dayrui FineCms 5.2.0 has a default SYS_KEY value and does not require key regeneration for each installation, which allows remote attackers to upload arbitrary .php files via … NVD-CWE-noinfo
CVE-2017-16920 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
252442 5.4 MEDIUM
Network 		mapos_project mapos MapOS 3.1.11 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitrary web script or HTML via a crafted description … CWE-79
Cross-site Scripting 		CVE-2017-16919 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
252443 9.8 CRITICAL
Network 		ffmpeg
debian 		ffmpeg
debian_linux 		The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related t… CWE-125
Out-of-bounds Read 		CVE-2017-16840 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
252444 5.4 MEDIUM
Network 		horde groupware In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the … CWE-79
Cross-site Scripting 		CVE-2017-16908 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
252445 5.4 MEDIUM
Network 		horde groupware In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action. CWE-79
Cross-site Scripting 		CVE-2017-16907 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
252446 5.4 MEDIUM
Network 		horde groupware In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action. CWE-79
Cross-site Scripting 		CVE-2017-16906 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
252447 6.1 MEDIUM
Network 		lvyecms_project lvyecms The Public tologin feature in admin.php in LvyeCMS through 3.1 allows XSS via a crafted username that is mishandled during later log viewing by an administrator. CWE-79
Cross-site Scripting 		CVE-2017-16904 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
252448 9.8 CRITICAL
Network 		lvyecms_project lvyecms LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via directory traversal sequences in the dir parameter, in conjunction with PHP code in the content parameter, wit… CWE-22
Path Traversal 		CVE-2017-16903 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
252449 7.5 HIGH
Network 		vonage vdv-23_firmware On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-16902 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm
252450 7.1 HIGH
Local 		xfig_project
debian 		xfig
debian_linux 		An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to… CWE-129
 Improper Validation of Array Index 		CVE-2017-16899 2024-11-21 12:17 2017-11-21 Show GitHub Exploit DB Packet Storm