Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 12:06 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255021 10 危険 サン・マイクロシステムズ
サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/Thunderbird の JavaScript エンジンにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2009-2466 2010-04-1 13:38 2009-07-21 Show GitHub Exploit DB Packet Storm
255022 10 危険 サン・マイクロシステムズ
サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/Thunderbird の base64 デコード関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-2463 2010-04-1 13:36 2009-07-21 Show GitHub Exploit DB Packet Storm
255023 10 危険 サン・マイクロシステムズ
サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/Thunderbird のブラウザエンジンにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2009-2462 2010-04-1 13:34 2009-07-21 Show GitHub Exploit DB Packet Storm
255024 7.2 危険 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の fasync_helper 関数における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-4141 2010-03-29 15:18 2010-01-19 Show GitHub Exploit DB Packet Storm
255025 9.3 危険 アップル - Apple Safari における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0045 2010-03-25 11:49 2010-03-15 Show GitHub Exploit DB Packet Storm
255026 4.3 警告 アップル - Apple Safari の PubSub における Cookie が設定される脆弱性 CWE-16
環境設定 		CVE-2010-0044 2010-03-25 11:49 2010-03-15 Show GitHub Exploit DB Packet Storm
255027 7.5 危険 サン・マイクロシステムズ
GNU Project
サイバートラスト株式会社
レッドハット		 - GNU tar の safer_name_suffix 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-4476 2010-03-25 11:47 2007-08-17 Show GitHub Exploit DB Packet Storm
255028 7.8 危険 VMware - VMware Fusion の vmx86 のカーネル拡張における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-3282 2010-03-24 12:23 2009-10-1 Show GitHub Exploit DB Packet Storm
255029 7.2 危険 VMware - VMware Fusion の vmx86 のカーネル拡張における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3281 2010-03-24 12:22 2009-10-1 Show GitHub Exploit DB Packet Storm
255030 9.3 危険 VMware - 複数の VMware 製品の VMnc media コーデックにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-2628 2010-03-24 12:22 2009-09-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
305341 5.4 MEDIUM
Network 		librenms librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the API-Access page allows authenticated users to inject arbitrary Jav… CWE-79
Cross-site Scripting 		CVE-2024-49754 2024-11-21 00:02 2024-11-16 Show GitHub Exploit DB Packet Storm
305342 6.1 MEDIUM
Network 		cleancoder fitnesse Cross-site scripting vulnerability exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using t… CWE-79
Cross-site Scripting 		CVE-2024-39610 2024-11-21 00:02 2024-11-15 Show GitHub Exploit DB Packet Storm
305343 6.1 MEDIUM
Network 		wpplugins hide_my_wp_ghost The Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL in all versions up to, and including, 5.3.01 due to insufficient input sani… CWE-79
Cross-site Scripting 		CVE-2024-10825 2024-11-21 00:01 2024-11-15 Show GitHub Exploit DB Packet Storm
305344 4.3 MEDIUM
Network 		moodle moodle A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify. CWE-863
 Incorrect Authorization 		CVE-2024-48897 2024-11-20 23:48 2024-11-18 Show GitHub Exploit DB Packet Storm
305345 4.3 MEDIUM
Network 		moodle moodle A vulnerability was found in Moodle. It is possible for users with the "send message" capability to view other users' names that they may not otherwise have access to via an error message in Messagin… CWE-209
Information Exposure Through an Error Message 		CVE-2024-48896 2024-11-20 23:47 2024-11-18 Show GitHub Exploit DB Packet Storm
305346 4.3 MEDIUM
Network 		moodle moodle A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from. CWE-862
 Missing Authorization 		CVE-2024-48898 2024-11-20 23:46 2024-11-18 Show GitHub Exploit DB Packet Storm
305347 4.3 MEDIUM
Network 		moodle moodle A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report. CWE-863
 Incorrect Authorization 		CVE-2024-48901 2024-11-20 23:45 2024-11-18 Show GitHub Exploit DB Packet Storm
305348 9.8 CRITICAL
Network 		really-simple-plugins really_simple_security The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling… CWE-306
Missing Authentication for Critical Function 		CVE-2024-10924 2024-11-20 23:44 2024-11-15 Show GitHub Exploit DB Packet Storm
305349 5.4 MEDIUM
Network 		librenms librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Custom OID" tab of a device allows authenticated users to inject … CWE-79
Cross-site Scripting 		CVE-2024-51497 2024-11-20 23:41 2024-11-16 Show GitHub Exploit DB Packet Storm
305350 5.4 MEDIUM
Network 		librenms librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the Device Overview page allows authenticated users to inject arbitrar… CWE-79
Cross-site Scripting 		CVE-2024-51495 2024-11-20 23:41 2024-11-16 Show GitHub Exploit DB Packet Storm