Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254521	6.9	警告	マイクロソフト	-	Microsoft Windows の Client/Server Run-time Subsystem における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0023	2010-03-3 11:53	2010-02-9	Show	GitHub Exploit DB Packet Storm

254522	4	警告	マイクロソフト	-	Microsoft Windows の Hyper-V サーバ実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0026	2010-03-3 11:53	2010-02-9	Show	GitHub Exploit DB Packet Storm

254523	9.3	危険	日本電気アップル富士通古河電気工業ヒューレット・パッカードインターネットイニシアティブアラクサラネットワークス日立	-	IPv6 NDP 実装における Neighbor Discovery メッセージの送信元検証処理に関する脆弱性	CWE-20 不適切な入力確認	CVE-2008-2476	2010-03-3 11:43	2008-10-3	Show	GitHub Exploit DB Packet Storm

254524	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0034	2010-03-2 11:29	2010-02-9	Show	GitHub Exploit DB Packet Storm

254525	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0033	2010-03-2 11:28	2010-02-9	Show	GitHub Exploit DB Packet Storm

254526	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint における任意のコードを実行される脆弱性	CWE-94 CWE-Other	CVE-2010-0032	2010-03-2 11:28	2010-02-9	Show	GitHub Exploit DB Packet Storm

254527	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0031	2010-03-2 11:27	2010-02-9	Show	GitHub Exploit DB Packet Storm

254528	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0030	2010-03-2 11:27	2010-02-9	Show	GitHub Exploit DB Packet Storm

254529	9.3	危険	マイクロソフト	-	Microsoft Office PowerPoint におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0029	2010-03-2 11:26	2010-02-9	Show	GitHub Exploit DB Packet Storm

254530	10	危険	マイクロソフト	-	Microsoft Office の MSO.DLL におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0243	2010-03-1 11:37	2010-02-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
277701	-	calender_base_project	calender_base	The Calendar Base (cal) extension before 1.5.9 and 1.6.x before 1.6.1 for TYPO3 allows remote attackers to cause a denial of service (resource consumption) via vectors related to the PHP PCRE library.	CWE-399 Resource Management Errors	CVE-2014-8325	2024-11-21 11:18	2014-10-22	Show	GitHub Exploit DB Packet Storm

277702	-	zend	zend_framework	The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows remote attackers to bypass authentication via a password starting with…	CWE-287 Improper Authentication	CVE-2014-8088	2024-11-21 11:18	2014-10-22	Show	GitHub Exploit DB Packet Storm

277703	-	redhat	virtual_desktop_service_manager	VDSM allows remote attackers to cause a denial of service (connection blocking) by keeping an SSL connection open.	CWE-310 Cryptographic Issues	CVE-2014-7968	2024-11-21 11:18	2014-10-22	Show	GitHub Exploit DB Packet Storm

277704	-	splunk	splunk	Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerab…	CWE-79 Cross-site Scripting	CVE-2014-8380	2024-11-21 11:18	2014-10-22	Show	GitHub Exploit DB Packet Storm

277705	-	marketo_ma_project	marketo_ma	Multiple cross-site scripting (XSS) vulnerabilities in the Marketo MA module before 7.x-1.5 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML…	CWE-79 Cross-site Scripting	CVE-2014-8379	2024-11-21 11:18	2014-10-22	Show	GitHub Exploit DB Packet Storm

277706	-	tablefield_project	tablefield	Cross-site scripting (XSS) vulnerability in the TableField module 7.x-2.x before 7.x-2.3 allows remote authenticated users with the "administer content types" or "administer taxonomy" permission to i…	CWE-79 Cross-site Scripting	CVE-2014-8378	2024-11-21 11:18	2014-10-22	Show	GitHub Exploit DB Packet Storm

277707	-	webasyst	shop-script	Cross-site scripting (XSS) vulnerability in Webasyst Shop-Script 5.2.2.30933 allows remote attackers to inject arbitrary web script or HTML via the phone number field in a new contact to phpecom/inde…	CWE-79 Cross-site Scripting	CVE-2014-8377	2024-11-21 11:18	2014-10-22	Show	GitHub Exploit DB Packet Storm

277708	-	site_banner_project	site_banner	Cross-site scripting (XSS) vulnerability in the context administration sub-panel in the Site Banner module before 7.x-4.1 for Drupal allows remote authenticated users with the "Administer contexts" C…	CWE-79 Cross-site Scripting	CVE-2014-8376	2024-11-21 11:18	2014-10-22	Show	GitHub Exploit DB Packet Storm

277709	-	gb-plugins	gb_gallery_slideshow	SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selected_group parameter in a …	CWE-89 SQL Injection	CVE-2014-8375	2024-11-21 11:18	2014-10-21	Show	GitHub Exploit DB Packet Storm

277710	-	apptreestudios	gangsta_auto_thief_iii	The Gangsta Auto Thief III (aka com.apptreestudios.gdup3) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers an…	CWE-310 Cryptographic Issues	CVE-2014-7804	2024-11-21 11:18	2014-10-21	Show	GitHub Exploit DB Packet Storm