Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254881 4.3 警告 アップル
サイバートラスト株式会社
LibTIFF
サン・マイクロシステムズ
レッドハット		 - libtiff の LZWDecodeCompat 関数におけるバッファアンダーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-2285 2010-04-27 15:19 2009-07-1 Show GitHub Exploit DB Packet Storm
254882 4.3 警告 サイバートラスト株式会社
レッドハット		 - Red Hat および MIRACLE LINUX の sendmail におけるメール送信元を偽装される脆弱性 - CVE-2006-7176 2010-04-27 15:18 2007-03-27 Show GitHub Exploit DB Packet Storm
254883 6.9 警告 アップル - Windows 上で稼働する Apple iTunes のインストールパッケージにおける権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-0532 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
254884 4.3 警告 アップル - Apple iTunes におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0531 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
254885 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0536 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
254886 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime の QuickTime.qts における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0529 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
254887 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0528 2010-04-26 16:58 2010-03-31 Show GitHub Exploit DB Packet Storm
254888 9.3 危険 アップル - Apple QuickTime における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-0527 2010-04-26 16:58 2010-03-31 Show GitHub Exploit DB Packet Storm
254889 5 警告 アップル
サイバートラスト株式会社
Ruby-lang.org
レッドハット		 - Ruby の BigDecimal ライブラリにおけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2009-1904 2010-04-26 16:46 2009-06-9 Show GitHub Exploit DB Packet Storm
254890 6.9 警告 アップル
Vim		 - Vim の Python インターフェースの src/if_python.c における信頼性のない検索パスの脆弱性 CWE-Other
その他 		CVE-2009-0316 2010-04-26 16:45 2009-01-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
274881 6.5 MEDIUM
Network 		imagely nextgen_gallery In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the applicati… CWE-352
 Origin Validation Error 		CVE-2015-1785 2024-11-21 11:26 2022-07-7 Show GitHub Exploit DB Packet Storm
274882 8.8 HIGH
Network 		imagely nextgen_gallery In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the applicati… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2015-1784 2024-11-21 11:26 2022-07-7 Show GitHub Exploit DB Packet Storm
274883 7.6 HIGH
Network 		python
netapp
fedoraproject 		python
snapcenter
ontap_select_deploy_administration_utility
active_iq_unified_manager
fedora 		In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into app… CWE-77
Command Injection 		CVE-2015-20107 2024-11-21 11:26 2022-04-14 Show GitHub Exploit DB Packet Storm
274884 4.8 MEDIUM
Network 		cbads clickbank_affiliate_ads The ClickBank Affiliate Ads WordPress plugin through 1.20 does not escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallow… - CVE-2015-20106 2024-11-21 11:26 2021-12-3 Show GitHub Exploit DB Packet Storm
274885 9.6 CRITICAL
Network 		cbads clickbank_affiliate_ads The ClickBank Affiliate Ads WordPress plugin through 1.20 does not have CSRF check when saving its settings, allowing attacker to make logged in admin change them via a CSRF attack. Furthermore, due … - CVE-2015-20105 2024-11-21 11:26 2021-12-3 Show GitHub Exploit DB Packet Storm
274886 7.5 HIGH
Network 		wp_attachment_export_project wp_attachment_export The WP Attachment Export WordPress plugin before 0.2.4 does not have proper access controls, allowing unauthenticated users to download the XML data that holds all the details of attachments/posts on… - CVE-2015-20067 2024-11-21 11:26 2021-11-1 Show GitHub Exploit DB Packet Storm
274887 5.4 MEDIUM
Network 		content_text_slider_on_post_project content_text_slider_on_post The Content text slider on post WordPress plugin before 6.9 does not sanitise and escape the Title and Message/Content settings, which could lead to Cross-Site Scripting issues - CVE-2015-20019 2024-11-21 11:26 2021-11-1 Show GitHub Exploit DB Packet Storm
274888 7.5 HIGH
Network 		sap businessobjects_edge The File Repository Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to write to arbitrary files via a full pathname, aka SAP Note 2018681. CWE-22
Path Traversal 		CVE-2015-2074 2024-11-21 11:26 2021-08-10 Show GitHub Exploit DB Packet Storm
274889 7.5 HIGH
Network 		sap businessobjects_edge The File RepositoRy Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to read arbitrary files via a full pathname, aka SAP Note 2018682. CWE-22
Path Traversal 		CVE-2015-2073 2024-11-21 11:26 2021-08-10 Show GitHub Exploit DB Packet Storm
274890 8.8 HIGH
Network 		webgate edvr_manager
control_center 		Multiple stack-based buffer overflows in WebGate eDVR Manager and Control Center allow remote attackers to execute arbitrary code via unspecified vectors to the (1) TCPDiscover or (2) TCPDiscover2 fu… CWE-787
 Out-of-bounds Write 		CVE-2015-2100 2024-11-21 11:26 2021-07-23 Show GitHub Exploit DB Packet Storm