Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254641	9	危険	オラクル	-	Oracle Database の Oracle OLAP コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3415	2010-02-12 12:20	2010-01-12	Show	GitHub Exploit DB Packet Storm

254642	10	危険	オラクル	-	Oracle Database の Listener コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0071	2010-02-12 12:20	2010-01-12	Show	GitHub Exploit DB Packet Storm

254643	5	警告	Pidgin Adium レッドハット	-	Pidgin および Adium の MSN プロトコルプラグインにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0013	2010-02-10 13:39	2010-01-8	Show	GitHub Exploit DB Packet Storm

254644	10	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat の U3D 実装における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2009-3959	2010-02-10 13:39	2010-01-12	Show	GitHub Exploit DB Packet Storm

254645	10	危険	アドビシステムズ	-	Adobe Reader および Acrobat のダウンロードマネージャーにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-3958	2010-02-10 13:39	2010-01-12	Show	GitHub Exploit DB Packet Storm

254646	5	警告	アドビシステムズ	-	Adobe Reader および Acrobat におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-3957	2010-02-10 13:39	2010-01-12	Show	GitHub Exploit DB Packet Storm

254647	10	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat におけるスクリプトインジェクションの脆弱性に関連した脆弱性	CWE-16 環境設定	CVE-2009-3956	2010-02-10 13:39	2010-01-12	Show	GitHub Exploit DB Packet Storm

254648	10	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2009-3955	2010-02-10 13:38	2010-01-12	Show	GitHub Exploit DB Packet Storm

254649	10	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat の 3D 実装における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3954	2010-02-10 13:38	2010-01-12	Show	GitHub Exploit DB Packet Storm

254650	6.8	警告	サン・マイクロシステムズ	-	Sun Solaris の Trusted Extensions における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0310	2010-02-10 13:38	2010-01-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
283281	9.8	CRITICAL Network	karo_project	karo	The karo gem 2.3.8 for Ruby allows Remote command injection via the host field.	CWE-77 Command Injection	CVE-2014-10075	2024-11-21 11:03	2018-10-5	Show	GitHub Exploit DB Packet Storm

283282	9.8	CRITICAL Network	umbraco	umbraco_cms	Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2014-10074	2024-11-21 11:03	2018-08-27	Show	GitHub Exploit DB Packet Storm

283283	7.5	HIGH Network	fancy-server_project	fancy-server	Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory.	CWE-22 Path Traversal	CVE-2014-10066	2024-11-21 11:03	2018-06-1	Show	GitHub Exploit DB Packet Storm

283284	6.1	MEDIUM Network	remarkable_project	remarkable	Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing for javascript: url's to be injected into the rendered content.	CWE-79 Cross-site Scripting	CVE-2014-10065	2024-11-21 11:03	2018-06-1	Show	GitHub Exploit DB Packet Storm

283285	7.5	HIGH Network	qs_project	qs	The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of t…	CWE-399 Resource Management Errors	CVE-2014-10064	2024-11-21 11:03	2018-06-1	Show	GitHub Exploit DB Packet Storm

283286	7.5	HIGH Network	hapi	inert	The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when `showHidden` is false.	CWE-22 Path Traversal	CVE-2014-10068	2024-11-21 11:03	2018-05-30	Show	GitHub Exploit DB Packet Storm

283287	5.9	MEDIUM Network	paypal-ipn_project	paypal-ipn	paypal-ipn before 3.0.0 uses the `test_ipn` parameter (which is set by the PayPal IPN simulator) to determine if it should use the production PayPal site or the sandbox. With a bit of time, an attack…	CWE-287 Improper Authentication	CVE-2014-10067	2024-11-21 11:03	2018-05-30	Show	GitHub Exploit DB Packet Storm

283288	7.1	HIGH Network	ibm	rational_clearquest	Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest Native client, (3) ClearQuest Eclipse client, and (4) ClearQuest Eclipse Designer components in IBM Rationa…	CWE-611 XXE	CVE-2014-0950	2024-11-21 11:03	2018-04-21	Show	GitHub Exploit DB Packet Storm

283289	9.1	CRITICAL Network	ibm	rational_clearcase	Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN Server / CM Server, (2) Perl CC/CQ integration trigger scripts, (3) CMAPI Java interface, (4) ClearCase remote client, and (5) C…	CWE-611 XXE	CVE-2014-0931	2024-11-21 11:03	2018-04-21	Show	GitHub Exploit DB Packet Storm

283290	8.1	HIGH Network	ibm	sterling_b2b_integrator sterling_file_gateway	The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port…	CWE-287 Improper Authentication	CVE-2014-0927	2024-11-21 11:03	2018-04-21	Show	GitHub Exploit DB Packet Storm