Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255071	4.4	警告	アップル	-	Apple Mac OS X の DesktopServices におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0545	2010-07-8 18:26	2010-06-15	Show	GitHub Exploit DB Packet Storm

255072	10	危険	ヒューレット・パッカード SGI IBM	-	rpc.pcnfsd の _msgout 関数における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-1039	2010-07-8 18:03	2010-05-18	Show	GitHub Exploit DB Packet Storm

255073	1.2	注意	IBM OpenBSD	-	OpenSSH における X11 転送ポートをハイジャックされる脆弱性	CWE-200 情報漏えい	CVE-2008-3259	2010-07-7 16:40	2008-07-22	Show	GitHub Exploit DB Packet Storm

255074	4.3	警告	アップルサイバートラスト株式会社レッドハット SquirrelMail Project	-	SquirrelMail におけるユーザインターフェースを偽装される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1581	2010-07-6 19:19	2009-05-12	Show	GitHub Exploit DB Packet Storm

255075	6.8	警告	アップル SquirrelMail Project	-	SquirrelMail におけるセッション固定の脆弱性	CWE-287 不適切な認証	CVE-2009-1580	2010-07-6 19:18	2009-05-11	Show	GitHub Exploit DB Packet Storm

255076	6.8	警告	アップルサイバートラスト株式会社レッドハット SquirrelMail Project	-	SquirrelMail における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-1579	2010-07-6 19:18	2009-05-10	Show	GitHub Exploit DB Packet Storm

255077	4.3	警告	アップルサイバートラスト株式会社レッドハット SquirrelMail Project	-	SquirrelMail におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1578	2010-07-6 19:18	2009-05-8	Show	GitHub Exploit DB Packet Storm

255078	8.5	危険	マイクロソフト	-	Microsoft IIS における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1256	2010-07-5 17:52	2010-06-8	Show	GitHub Exploit DB Packet Storm

255079	4	警告	マイクロソフト	-	Microsoft Windows SharePoint Services におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-1264	2010-07-5 17:52	2010-06-8	Show	GitHub Exploit DB Packet Storm

255080	6.9	警告	マイクロソフト	-	Open XML File Format Converter のインストールにおける任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1254	2010-07-5 17:52	2010-06-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
302521	-	php-programs	apboard_developers_apboard	SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than …	CWE-89 SQL Injection	CVE-2010-4955	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

302522	-	gambio	xt\	SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.	CWE-89 SQL Injection	CVE-2010-4954	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

302523	-	jw_calendar	jw_calendar	Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.	NVD-CWE-noinfo	CVE-2010-4953	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

302524	-	joachim_ruhs	festat	SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2010-4952	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

302525	-	thomas_mammitzsch	vx_xajax_shoutbox	Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vect…	CWE-79 Cross-site Scripting	CVE-2010-4951	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

302526	-	joachim_ruhs	event	SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2010-4950	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

302527	-	evnix	freichat freichatpure	Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and the (2) FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary…	CWE-79 Cross-site Scripting	CVE-2010-4949	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

302528	-	phpgalleryscript	php_free_photo_gallery	PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.	CWE-94 Code Injection	CVE-2010-4948	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

302529	-	allpcscript	allpc	Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.	CWE-79 Cross-site Scripting	CVE-2010-4947	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm

302530	-	allpcscript	allpc	SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.	CWE-89 SQL Injection	CVE-2010-4946	2024-11-21 10:22	2011-10-9	Show	GitHub Exploit DB Packet Storm