Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254871	6.4	警告	The PHP Group	-	PHP における重要な情報を取得される脆弱性	CWE-119 バッファエラー	CVE-2010-2191	2010-08-17 17:35	2010-05-31	Show	GitHub Exploit DB Packet Storm

254872	5	警告	The PHP Group	-	PHP の Zend Engine における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-1914	2010-08-17 17:34	2010-05-8	Show	GitHub Exploit DB Packet Storm

254873	6.4	警告	The PHP Group	-	PHP の sysvshm 拡張における任意のメモリアドレスを書かれる脆弱性	CWE-399 リソース管理の問題	CVE-2010-1861	2010-08-17 17:33	2010-05-5	Show	GitHub Exploit DB Packet Storm

254874	4.3	警告	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	複数の Mozilla 製品における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-0654	2010-08-16 18:57	2010-02-18	Show	GitHub Exploit DB Packet Storm

254875	7.6	危険	アップル	-	Apple Safari における window オブジェクトの処理に脆弱性	CWE-399 リソース管理の問題	CVE-2010-1939	2010-08-16 15:08	2010-05-12	Show	GitHub Exploit DB Packet Storm

254876	7.6	危険	IBM	-	IBM Lotus Domino Web Access の ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0919	2010-08-16 15:05	2010-03-3	Show	GitHub Exploit DB Packet Storm

254877	4.3	警告	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	複数の Mozilla 製品における重要な cross-origin 情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1207	2010-08-13 17:15	2010-07-20	Show	GitHub Exploit DB Packet Storm

254878	6.8	警告	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	複数の Mozilla 製品におけるクローム特権で任意の JavaScript コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1215	2010-08-13 17:14	2010-07-20	Show	GitHub Exploit DB Packet Storm

254879	7.8	危険	マイクロソフト	-	Microsoft Windows におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-1892	2010-08-13 14:01	2010-08-13	Show	GitHub Exploit DB Packet Storm

254880	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1212	2010-08-12 19:03	2010-07-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
252451	6.5	MEDIUM Network	ibm	api_connect	IBM API Connect 5.0.7.0 through 5.0.7.2 is vulnerable to a regular expression attack that could allow an authenticated attacker to use a regex and cause the system to slow or hang. IBM X-Force ID: 13…	CWE-20 Improper Input Validation	CVE-2017-1556	2024-11-21 12:22	2017-09-14	Show	GitHub Exploit DB Packet Storm

252452	3.7	LOW Network	ibm	db2 db2_connect	IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830.	CWE-287 Improper Authentication	CVE-2017-1520	2024-11-21 12:22	2017-09-13	Show	GitHub Exploit DB Packet Storm

252453	5.9	MEDIUM Network	ibm	db2 db2_connect	IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829.	CWE-20 Improper Input Validation	CVE-2017-1519	2024-11-21 12:22	2017-09-13	Show	GitHub Exploit DB Packet Storm

252454	5.4	MEDIUM Network	ibm	cognos_analytics	IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially …	CWE-79 Cross-site Scripting	CVE-2017-1535	2024-11-21 12:22	2017-08-30	Show	GitHub Exploit DB Packet Storm

252455	8.8	HIGH Network	cs-cart	cs-cart_multivendor cs-cart	Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) a…	CWE-352 Origin Validation Error	CVE-2017-2138	2024-11-21 12:22	2017-08-3	Show	GitHub Exploit DB Packet Storm

252456	9.8	CRITICAL Network	buffalo	wapm-1166d_firmware wapm-apg600h_firmware	WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1.16.1 and earlier allows remote attackers to bypass authentication and access the configuration interface via unspecified vectors.	CWE-287 Improper Authentication	CVE-2017-2126	2024-11-21 12:22	2017-07-22	Show	GitHub Exploit DB Packet Storm

252457	4.8	MEDIUM Network	cybozu	garoon	Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu.	CWE-79 Cross-site Scripting	CVE-2017-2146	2024-11-21 12:22	2017-07-7	Show	GitHub Exploit DB Packet Storm

252458	5.4	MEDIUM Network	cybozu	garoon	Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform arbitrary operations via unspecified vectors.	CWE-384 Session Fixation	CVE-2017-2145	2024-11-21 12:22	2017-07-7	Show	GitHub Exploit DB Packet Storm

252459	5.4	MEDIUM Network	cybozu	garoon	Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another user's file through a specially crafted page.	NVD-CWE-noinfo	CVE-2017-2144	2024-11-21 12:22	2017-07-7	Show	GitHub Exploit DB Packet Storm

252460	5.4	MEDIUM Network	tenable	nessus	Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2017-2122	2024-11-21 12:22	2017-05-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed