Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254801	7.6	危険	Mozilla Foundation	-	Mozilla Firefox の nsDocument::MaybePreLoadImage 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0168	2010-04-6 16:49	2010-03-23	Show	GitHub Exploit DB Packet Storm

254802	9.3	危険	Mozilla Foundation	-	Mozilla Firefox の imgContainer::InternalAddFrameHelper 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0164	2010-04-6 16:49	2010-03-23	Show	GitHub Exploit DB Packet Storm

254803	4.3	警告	Mozilla Foundation レッドハット	-	複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0171	2010-04-5 14:54	2010-03-23	Show	GitHub Exploit DB Packet Storm

254804	4.3	警告	Mozilla Foundation	-	Mozilla Firefox における同一生成元ポリシーを回避される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0170	2010-04-5 14:53	2010-03-23	Show	GitHub Exploit DB Packet Storm

254805	7.5	危険	Heartlogic	-	HL-SiteManager における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1331	2010-04-2 15:02	2010-04-2	Show	GitHub Exploit DB Packet Storm

254806	9.3	危険	Mozilla Foundation	-	Mozilla Firefox の Web Open Fonts Format デコーダにおける整数オーバーフローの脆弱性	CWE-noinfo 情報不足	CVE-2010-1028	2010-04-2 14:05	2010-03-19	Show	GitHub Exploit DB Packet Storm

254807	5	警告	富士通アクセラテクノロジ	-	Accela BizSearch のローカル収集におけるアクセス権限に関する脆弱性	CWE-200 情報漏えい	-	2010-04-2 14:05	2010-03-10	Show	GitHub Exploit DB Packet Storm

254808	1.9	注意	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel における SCSI ホストの属性に任意の変更を加えられる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-3556	2010-04-2 14:02	2010-01-19	Show	GitHub Exploit DB Packet Storm

254809	10	危険	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の e1000e ドライバにおけるイーサネットフレームの処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2009-4538	2010-04-2 14:02	2010-01-12	Show	GitHub Exploit DB Packet Storm

254810	6.6	警告	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の poll_mode_io ファイルにおけるドライバの I/O モードを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-3939	2010-04-2 14:00	2009-11-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
310461	-		-	-	The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malf…	-	CVE-2024-8445	2024-10-1 15:15	2024-09-6	Show	GitHub Exploit DB Packet Storm

310462	6.1	MEDIUM Network	doverfuelingsolutions	progauge_maglink_lx_console_firmware progauge_maglink_lx4_console_firmware	ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting.	CWE-79 Cross-site Scripting	CVE-2024-41725	2024-10-1 04:55	2024-09-25	Show	GitHub Exploit DB Packet Storm

310463	5.5	MEDIUM Local	apple	macos iphone_os ipados watchos	A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in iOS 18 and iPadOS 18, watchOS 11, macOS Sequoia 15. An app may be able to access user-sensitiv…	NVD-CWE-noinfo	CVE-2024-44170	2024-10-1 04:48	2024-09-17	Show	GitHub Exploit DB Packet Storm

310464	5.3	MEDIUM Network	scriptcase	scriptcase	Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nm_edit_php_edit.php (in the “subpage” parameter), which allows unauthenticated remote users to bypass Security…	CWE-22 Path Traversal	CVE-2024-8941	2024-10-1 04:45	2024-09-25	Show	GitHub Exploit DB Packet Storm

310465	7.5	HIGH Network	kastle	access_control_system_firmware	Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information.	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-45862	2024-10-1 04:33	2024-09-20	Show	GitHub Exploit DB Packet Storm

310466	7.5	HIGH Network	kastle	access_control_system_firmware	Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information.	CWE-798 Use of Hard-coded Credentials	CVE-2024-45861	2024-10-1 04:25	2024-09-20	Show	GitHub Exploit DB Packet Storm

310467	9.8	CRITICAL Network	-	-	Rejected reason: Duplicate of CVE-2024-45806.	-	CVE-2024-7207	2024-10-1 04:15	2024-09-20	Show	GitHub Exploit DB Packet Storm

310468	9.8	CRITICAL Network	github	enterprise_server	An XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when using SAML authentication with specific identity providers utilizing publicly exposed signed federation met…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2024-6800	2024-10-1 04:14	2024-08-21	Show	GitHub Exploit DB Packet Storm

310469	5.3	MEDIUM Network	coffee2code	custom_post_limits	The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions up to, and including, 4.4.1. This is due to the plugin utilizing bootstrap and leaving test files wit…	CWE-209 Information Exposure Through an Error Message	CVE-2024-6544	2024-10-1 04:12	2024-09-14	Show	GitHub Exploit DB Packet Storm

310470	6.5	MEDIUM Network	moxa	mxview_one	The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. This could lead to the disclosure of s…	CWE-22 Path Traversal	CVE-2024-6786	2024-10-1 03:31	2024-09-21	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed