Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255101	9.3	危険	マイクロソフト	-	Microsoft WMI Administrative Tools の WBEMSingleView.ocx ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-4588	2011-01-20 13:58	2010-12-23	Show	GitHub Exploit DB Packet Storm

255102	5.8	警告	Mozilla Foundation オラクル	-	複数の Mozilla 製品の Math.random 関数におけるユーザを追跡される脆弱性	CWE-310 暗号の問題	CVE-2010-3171	2011-01-20 13:51	2010-06-22	Show	GitHub Exploit DB Packet Storm

255103	4.3	警告	Git project レッドハット	-	Git の Gitweb におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3906	2011-01-20 13:47	2010-12-14	Show	GitHub Exploit DB Packet Storm

255104	9.3	危険	Google レッドハット	-	Google Chrome の WebM libvpx におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2010-4203	2011-01-20 13:41	2010-11-4	Show	GitHub Exploit DB Packet Storm

255105	10	危険	Ecava	-	Ecava IntegraXor にバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4597	2011-01-20 13:33	2010-12-20	Show	GitHub Exploit DB Packet Storm

255106	9.3	危険	アドビシステムズ	-	Adobe PhotoShop における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2010-3127	2011-01-20 13:29	2010-08-26	Show	GitHub Exploit DB Packet Storm

255107	6.1	警告	アップル	-	複数の Apple 製品上で稼働する ICMPv6 実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-2189	2011-01-20 11:14	2010-12-22	Show	GitHub Exploit DB Packet Storm

255108	7.1	危険	アップル	-	複数の Apple 製品上で稼働するネットワークブリッジ機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-1804	2011-01-19 16:36	2010-12-22	Show	GitHub Exploit DB Packet Storm

255109	2.6	注意	アップル	-	複数の Apple 製品上で稼働する Application-Level Gateway におけるデバイスの IP アドレスを使用される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0039	2011-01-19 16:34	2010-12-22	Show	GitHub Exploit DB Packet Storm

255110	-	-	Invensys	-	Wonderware InBatch と I/A Series Batch の database lock manager service (lm_tcp) にバッファオーバーフローの脆弱性	-	-	2011-01-19 15:54	2010-12-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
275461	6.7	MEDIUM Local	lenovo	fingerprint_manager	Services and files in Lenovo Fingerprint Manager before 8.01.42 have incorrect ACLs, which allows local users to invalidate local checks and gain privileges via standard filesystem operations.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-3321	2024-11-21 11:29	2017-10-3	Show	GitHub Exploit DB Packet Storm

275462	7.8	HIGH Local	usb-creator_project	usb-creator	usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-3643	2024-11-21 11:29	2017-09-28	Show	GitHub Exploit DB Packet Storm

275463	6.1	MEDIUM Network	nodebb	nodebb	Multiple cross-site scripting (XSS) vulnerabilities in NodeBB before 0.7 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript: or (2) data: URLs.	CWE-79 Cross-site Scripting	CVE-2015-3296	2024-11-21 11:29	2017-09-21	Show	GitHub Exploit DB Packet Storm

275464	6.1	MEDIUM Network	pydio	pydio	Multiple cross-site scripting (XSS) vulnerabilities in Pydio (formerly AjaXplorer) before 6.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Pydio XSS V…	CWE-79 Cross-site Scripting	CVE-2015-3432	2024-11-21 11:29	2017-09-20	Show	GitHub Exploit DB Packet Storm

275465	9.8	CRITICAL Network	pydio	pydio	Pydio (formerly AjaXplorer) before 6.0.7 allows remote attackers to execute arbitrary commands via unspecified vectors, aka "Pydio OS Command Injection Vulnerabilities."	CWE-78 OS Command	CVE-2015-3431	2024-11-21 11:29	2017-09-20	Show	GitHub Exploit DB Packet Storm

275466	5.9	MEDIUM Network	dovecot fedoraproject	dovecot fedora	The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures.	CWE-295 Improper Certificate Validation	CVE-2015-3420	2024-11-21 11:29	2017-09-20	Show	GitHub Exploit DB Packet Storm

275467	6.5	MEDIUM Network	vbulletin	vbulletin	vBulletin 5.x through 5.1.6 allows remote authenticated users to bypass authorization checks and inject private messages into conversations via vectors related to an input validation failure.	CWE-20 Improper Input Validation	CVE-2015-3419	2024-11-21 11:29	2017-09-20	Show	GitHub Exploit DB Packet Storm

275468	6.1	MEDIUM Network	floating_social_bar_project	floating_social_bar	Cross-site scripting (XSS) vulnerability in the Floating Social Bar plugin before 1.1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to original se…	CWE-79 Cross-site Scripting	CVE-2015-3299	2024-11-21 11:29	2017-09-20	Show	GitHub Exploit DB Packet Storm

275469	8.1	HIGH Network	tune_library_project	tune_library	SQL injection vulnerability in WordPress Tune Library plugin before 1.5.5.	CWE-89 SQL Injection	CVE-2015-3314	2024-11-21 11:29	2017-09-8	Show	GitHub Exploit DB Packet Storm

275470	9.8	CRITICAL Network	community_events_project	community_events	SQL injection vulnerability in WordPress Community Events plugin before 1.4.	CWE-89 SQL Injection	CVE-2015-3313	2024-11-21 11:29	2017-09-8	Show	GitHub Exploit DB Packet Storm