Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254181	5	警告	サン・マイクロシステムズ Pidgin レッドハット	-	Pidgin の gtkimhtml.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-0423	2010-05-14 18:39	2010-02-18	Show	GitHub Exploit DB Packet Storm

254182	4.3	警告	サン・マイクロシステムズ Pidgin レッドハット	-	Pidgin の libpurple におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0420	2010-05-14 18:38	2010-02-18	Show	GitHub Exploit DB Packet Storm

254183	7.5	危険	Carnegie Mellon University (Project Cyrus) アップルサイバートラスト株式会社サン・マイクロシステムズオラクルレッドハット	-	Cyrus SASL ライブラリにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-0688	2010-05-14 18:37	2009-05-15	Show	GitHub Exploit DB Packet Storm

254184	7.5	危険	サン・マイクロシステムズ GNOME Project レッドハット	-	Evolution Data Server (別名 evolution-data-server) における複数の整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-0587	2010-05-14 18:37	2009-03-14	Show	GitHub Exploit DB Packet Storm

254185	5.8	警告	サン・マイクロシステムズ GNOME Project レッドハット	-	Evolution Data Server (別名 evolution-data-server) の ntlm_challenge 関数におけるプロセスメモリ情報の漏洩またはサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-0582	2010-05-14 18:37	2009-03-14	Show	GitHub Exploit DB Packet Storm

254186	1.2	注意	日本電気サイバートラスト株式会社サン・マイクロシステムズターボリナックス OpenSSL Project レッドハット	-	RSA key reconstruction vulnerability	-	CVE-2007-3108	2010-05-14 18:37	2007-08-16	Show	GitHub Exploit DB Packet Storm

254187	5	警告	ヒューレット・パッカードサイバートラスト株式会社 OpenSSL Project ターボリナックスレッドハット	-	OpenSSL の zlib_stateful_finish 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-4355	2010-05-13 17:21	2010-01-13	Show	GitHub Exploit DB Packet Storm

254188	9.3	危険	日立	-	XMAP3 における任意のコードが実行される脆弱性	CWE-noinfo 情報不足	-	2010-05-13 15:14	2010-04-12	Show	GitHub Exploit DB Packet Storm

254189	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Plan In-Season コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0863	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

254190	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Place In-Season コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0864	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
271161	-	ibm	maximo_asset_management maximo_for_nuclear_power maximo_for_utilities maximo_for_life_sciences maximo_for_oil_and_gas maximo_for_transportation maximo_for_government smartcloud_c…	Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX003, and 7.6.0 before 7.6.0.1 IFIX001; Maximo Asset Management 7.5.x before 7.5.…	CWE-79 Cross-site Scripting	CVE-2015-4944	2024-11-21 11:32	2015-10-6	Show	GitHub Exploit DB Packet Storm

271162	-	ibm	emptoris_program_management emptoris_supplier_lifecycle_management emptoris_strategic_supply_management	Cross-site scripting (XSS) vulnerability in IBM Emptoris Supplier Lifecycle Management and Emptoris Program Management 10.x before 10.0.1.4_iFix3, 10.0.2.x before 10.0.2.7_iFix1, 10.0.3.x before 10.0…	CWE-79 Cross-site Scripting	CVE-2015-4939	2024-11-21 11:32	2015-10-6	Show	GitHub Exploit DB Packet Storm

271163	-	ibm	qradar_security_information_and_event_manager	IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authenticated users to execute arbitrary commands with root privileges by leveraging admin access.	CWE-77 Command Injection	CVE-2015-4930	2024-11-21 11:32	2015-10-4	Show	GitHub Exploit DB Packet Storm

271164	-	ibm	business_process_manager	Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 before 8.5.6.0 CF1 allows remote authenti…	CWE-79 Cross-site Scripting	CVE-2015-4955	2024-11-21 11:32	2015-10-4	Show	GitHub Exploit DB Packet Storm

271165	-	x2engine	x2crm	Cross-site request forgery (CSRF) vulnerability in X2Engine X2CRM before 5.2 allows remote attackers to hijack the authentication of administrators for requests that create an administrative account …	CWE-352 Origin Validation Error	CVE-2015-5075	2024-11-21 11:32	2015-09-30	Show	GitHub Exploit DB Packet Storm

271166	-	x2engine	x2crm	Incomplete blacklist vulnerability in the FileUploadsFilter class in protected/components/filters/FileUploadsFilter.php in X2Engine X2CRM before 5.0.9 allows remote authenticated users to execute arb…	CWE-20 Improper Input Validation	CVE-2015-5074	2024-11-21 11:32	2015-09-30	Show	GitHub Exploit DB Packet Storm

271167	-	x2engine	x2crm	Multiple cross-site scripting (XSS) vulnerabilities in X2Engine X2CRM before 5.0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) version parameter in protected/views/admin…	CWE-79 Cross-site Scripting	CVE-2015-5076	2024-11-21 11:32	2015-09-30	Show	GitHub Exploit DB Packet Storm

271168	-	fedoraproject debian squid-cache	fedora debian_linux squid	Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend p…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-5400	2024-11-21 11:32	2015-09-29	Show	GitHub Exploit DB Packet Storm

271169	-	opensuse standards_based_linux_instrumentation	opensuse sblim-sfcb	The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty classNa…	NVD-CWE-Other	CVE-2015-5185	2024-11-21 11:32	2015-09-29	Show	GitHub Exploit DB Packet Storm

271170	-	open-xchange	open-xchange_appsuite open-xchange_server	Cross-site scripting (XSS) vulnerability in unspecified dialogs for printing content in the Front End in Open-Xchange Server 6 and OX App Suite before 6.22.8-rev8, 6.22.9 before 6.22.9-rev15m, 7.x be…	CWE-79 Cross-site Scripting	CVE-2015-5375	2024-11-21 11:32	2015-09-29	Show	GitHub Exploit DB Packet Storm