Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254861 9.3 危険 ジャストシステム - 一太郎シリーズにおける任意のコードが実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3915 2010-11-5 15:01 2010-11-4 Show GitHub Exploit DB Packet Storm
254862 4.3 警告 IBM
Apache Software Foundation
アップル
サイバートラスト株式会社
富士通
サン・マイクロシステムズ
ターボリナックス
ヒューレット・パッカード
レッドハット		 - Apache の mod_proxy_ftp モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2939 2010-11-4 15:35 2008-08-6 Show GitHub Exploit DB Packet Storm
254863 1.9 注意 オラクル - Oracle Solaris および OpenSolaris における USB の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-3542 2010-11-4 15:31 2010-10-12 Show GitHub Exploit DB Packet Storm
254864 2.4 注意 オラクル - Oracle Solaris および OpenSolaris における Device Drivers の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-3513 2010-11-4 15:31 2010-10-12 Show GitHub Exploit DB Packet Storm
254865 3.2 注意 オラクル - Oracle Solaris における Solaris Zones の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-3508 2010-11-4 15:30 2010-10-12 Show GitHub Exploit DB Packet Storm
254866 3.5 注意 オラクル - Oracle Sun Products Suite の Oracle iPlanet Web Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3512 2010-11-2 15:53 2010-10-12 Show GitHub Exploit DB Packet Storm
254867 3.6 注意 オラクル - Oracle Solaris および OpenSolaris における SCSI enclosure services デバイスドライバの処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-3576 2010-11-2 15:53 2010-10-12 Show GitHub Exploit DB Packet Storm
254868 4 警告 オラクル - Oracle Solaris および OpenSolaris における ZFS の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-3540 2010-11-2 15:53 2010-10-12 Show GitHub Exploit DB Packet Storm
254869 4 警告 オラクル - Oracle Solaris および OpenSolaris における InfiniBand の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-3516 2010-11-2 15:52 2010-10-12 Show GitHub Exploit DB Packet Storm
254870 4 警告 オラクル - Oracle Solaris および OpenSolaris の Solaris コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3515 2010-11-2 15:52 2010-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
258911 6.5 MEDIUM
Network 		ishekar endoscope_camera_firmware Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that any malicious user connecting to the device can change the default SSID and p… CWE-255
Credentials Management 		CVE-2017-10718 2024-11-21 12:06 2019-06-18 Show GitHub Exploit DB Packet Storm
258912 5.5 MEDIUM
Local 		qualcomm ipq8074_firmware
mdm9206_firmware
mdm9607_firmware
mdm9635m_firmware
mdm9650_firmware
mdm9655_firmware
msm8996au_firmware
sd_210_firmware
sd_212_firmware
sd_205_firmware 		A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU,… NVD-CWE-noinfo
CVE-2017-11004 2024-11-21 12:06 2019-01-4 Show GitHub Exploit DB Packet Storm
258913 7.5 HIGH
Network 		zte zxiptv-ucm_firmware SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the d… CWE-89
SQL Injection 		CVE-2017-10937 2024-11-21 12:06 2018-07-26 Show GitHub Exploit DB Packet Storm
258914 7.5 HIGH
Network 		zte zxcdn-sns_firmware SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclos… CWE-89
SQL Injection 		CVE-2017-10936 2024-11-21 12:06 2018-07-26 Show GitHub Exploit DB Packet Storm
258915 7.2 HIGH
Network 		zte zxr10_1800-2s_firmware All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other user's password. NVD-CWE-noinfo
CVE-2017-10935 2024-11-21 12:06 2018-07-26 Show GitHub Exploit DB Packet Storm
258916 9.8 CRITICAL
Network 		zte zxiptv-epg_firmware All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserializatio… CWE-502
 Deserialization of Untrusted Data 		CVE-2017-10934 2024-11-21 12:06 2018-07-26 Show GitHub Exploit DB Packet Storm
258917 9.8 CRITICAL
Network 		qualcomm mdm9206_firmware
mdm9607_firmware
sd_210_firmware
sd_212_firmware
sd_205_firmware
sd_425_firmware
sd_430_firmware
sd_450_firmware
sd_625_firmware
sd_820_firmware
sd_835_… 		In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 835, a Use After… CWE-416
 Use After Free 		CVE-2017-11011 2024-11-21 12:06 2018-04-12 Show GitHub Exploit DB Packet Storm
258918 9.8 CRITICAL
Network 		google android In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 650/52, SD 835, access control left a configuration space unprotected. NVD-CWE-noinfo
CVE-2017-11010 2024-11-21 12:06 2018-03-31 Show GitHub Exploit DB Packet Storm
258919 8.8 HIGH
Adjacent 		corega cg-wgr_1200_firmware Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and change the login password via unspecified vectors. CWE-306
Missing Authentication for Critical Function 		CVE-2017-10854 2024-11-21 12:06 2018-03-10 Show GitHub Exploit DB Packet Storm
258920 8.8 HIGH
Adjacent 		corega cg-wgr_1200_firmware Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to execute arbitrary commands via unspecified vectors. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-10853 2024-11-21 12:06 2018-03-10 Show GitHub Exploit DB Packet Storm