Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 12:06 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255111 6.9 警告 マイクロソフト - Microsoft Windows の Client/Server Run-time Subsystem における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0023 2010-03-3 11:53 2010-02-9 Show GitHub Exploit DB Packet Storm
255112 4 警告 マイクロソフト - Microsoft Windows の Hyper-V サーバ実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0026 2010-03-3 11:53 2010-02-9 Show GitHub Exploit DB Packet Storm
255113 9.3 危険 日本電気
アップル
富士通
古河電気工業
ヒューレット・パッカード
インターネットイニシアティブ
アラクサラネットワークス
日立		 - IPv6 NDP 実装における Neighbor Discovery メッセージの送信元検証処理に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2476 2010-03-3 11:43 2008-10-3 Show GitHub Exploit DB Packet Storm
255114 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0034 2010-03-2 11:29 2010-02-9 Show GitHub Exploit DB Packet Storm
255115 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0033 2010-03-2 11:28 2010-02-9 Show GitHub Exploit DB Packet Storm
255116 9.3 危険 マイクロソフト - Microsoft Office PowerPoint における任意のコードを実行される脆弱性 CWE-94
CWE-Other
CVE-2010-0032 2010-03-2 11:28 2010-02-9 Show GitHub Exploit DB Packet Storm
255117 9.3 危険 マイクロソフト - Microsoft Office PowerPoint における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0031 2010-03-2 11:27 2010-02-9 Show GitHub Exploit DB Packet Storm
255118 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0030 2010-03-2 11:27 2010-02-9 Show GitHub Exploit DB Packet Storm
255119 9.3 危険 マイクロソフト - Microsoft Office PowerPoint におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0029 2010-03-2 11:26 2010-02-9 Show GitHub Exploit DB Packet Storm
255120 10 危険 マイクロソフト - Microsoft Office の MSO.DLL におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0243 2010-03-1 11:37 2010-02-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
269731 6.1 MEDIUM
Network 		ultimatemember ultimate_member Cross-site scripting (XSS) vulnerability in the Ultimate Member WordPress plugin before 1.3.29 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _refer parameter to… CWE-79
Cross-site Scripting 		CVE-2015-8354 2024-11-21 11:38 2017-09-12 Show GitHub Exploit DB Packet Storm
269732 6.1 MEDIUM
Network 		role_scoper_project role_scoper Cross-site scripting (XSS) vulnerability in the Role Scoper plugin before 1.3.67 for WordPress allows remote attackers to inject arbitrary web script or HTML via the object_name parameter in a rs-obj… CWE-79
Cross-site Scripting 		CVE-2015-8353 2024-11-21 11:38 2017-09-12 Show GitHub Exploit DB Packet Storm
269733 9.0 CRITICAL
Network 		gwolle_guestbook_project gwolle_guestbook PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code v… CWE-94
Code Injection 		CVE-2015-8351 2024-11-21 11:38 2017-09-12 Show GitHub Exploit DB Packet Storm
269734 6.1 MEDIUM
Network 		inboundnow call_to_action Multiple cross-site scripting (XSS) vulnerabilities in the Calls to Action plugin before 2.5.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) open-tab paramet… CWE-79
Cross-site Scripting 		CVE-2015-8350 2024-11-21 11:38 2017-09-12 Show GitHub Exploit DB Packet Storm
269735 6.1 MEDIUM
Network 		gameconnect sourcebans Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 pre-alpha allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php. CWE-79
Cross-site Scripting 		CVE-2015-8349 2024-11-21 11:38 2017-09-12 Show GitHub Exploit DB Packet Storm
269736 5.9 MEDIUM
Network 		lightdm_project lightdm Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x before 1.16.6 when the XDMCP server is enabled allows remote attackers to cause a denial of service (process crash) via an XDMC… CWE-129
 Improper Validation of Array Index 		CVE-2015-8316 2024-11-21 11:38 2017-09-7 Show GitHub Exploit DB Packet Storm
269737 8.8 HIGH
Network 		huawei vcn500_firmware SQL injection vulnerability in the Operation and Maintenance Unit (OMU) in Huawei VCN500 before V100R002C00SPC201 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTT… CWE-89
SQL Injection 		CVE-2015-8334 2024-11-21 11:38 2017-08-30 Show GitHub Exploit DB Packet Storm
269738 9.8 CRITICAL
Network 		knx ets Buffer overflow in the Group messages monitor (Falcon) in KNX ETS 4.1.5 (Build 3246) allows remote attackers to execute arbitrary code via a crafted KNXnet/IP UDP packet. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-8299 2024-11-21 11:38 2017-08-30 Show GitHub Exploit DB Packet Storm
269739 8.8 HIGH
Network 		huawei vcm5010_firmware
vcm5020_firmware 		Huawei Video Content Management (VCM) before V100R001C10SPC001 does not properly "authenticate online user identities and privileges," which allows remote authenticated users to gain privileges and p… CWE-287
Improper Authentication 		CVE-2015-8332 2024-11-21 11:38 2017-08-29 Show GitHub Exploit DB Packet Storm
269740 7.8 HIGH
Local 		polycom btoe_connector Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for "Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privilege… CWE-275
 Permission Issues 		CVE-2015-8300 2024-11-21 11:38 2017-08-29 Show GitHub Exploit DB Packet Storm