Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255571 9.3 危険 OpenOffice.org Project
レッドハット		 - OpenOffice.org の GIFLZWDecompressor::GIFLZWDecompressor 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-2950 2010-03-5 10:32 2010-02-12 Show GitHub Exploit DB Packet Storm
255572 9.3 危険 OpenOffice.org Project
レッドハット		 - OpenOffice.org の XPMReader::ReadXPM 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-2949 2010-03-5 10:32 2010-02-12 Show GitHub Exploit DB Packet Storm
255573 4.3 警告 アドビシステムズ - Adobe BlazeDS における重要な情報を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2009-3960 2010-03-5 10:32 2010-02-11 Show GitHub Exploit DB Packet Storm
255574 6.8 警告 Linux
レッドハット		 - KVM の pit_ioport_read 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-16
環境設定 		CVE-2010-0309 2010-03-4 13:41 2010-02-9 Show GitHub Exploit DB Packet Storm
255575 4.1 警告 Linux
レッドハット		 - KVM の x86 エミュレータにおける権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0306 2010-03-4 13:41 2010-02-9 Show GitHub Exploit DB Packet Storm
255576 5 警告 レッドハット
リアルネットワークス		 - RealNetworks HelixPlayer および RealPlayer におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0417 2010-03-4 13:40 2010-02-18 Show GitHub Exploit DB Packet Storm
255577 7.5 危険 レッドハット
リアルネットワークス		 - RealNetworks HelixPlayer および RealPlayer の Unescape 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0416 2010-03-4 13:40 2010-02-18 Show GitHub Exploit DB Packet Storm
255578 9.3 危険 マイクロソフト - Microsoft Windows の Microsoft Paint における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-0028 2010-03-3 11:54 2010-02-9 Show GitHub Exploit DB Packet Storm
255579 7.2 危険 マイクロソフト - Microsoft Windows の kernel における権限昇格の脆弱性 CWE-Other
その他 		CVE-2010-0233 2010-03-3 11:54 2010-02-9 Show GitHub Exploit DB Packet Storm
255580 6.3 警告 マイクロソフト - Microsoft Windows の KDC におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2010-0035 2010-03-3 11:54 2010-02-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
248791 6.1 MEDIUM
Network 		lutim_project lutim Cross-site scripting (XSS) vulnerability in SVG file handling in Lutim 0.7.1 and earlier allows remote attackers to inject arbitrary web script. CWE-79
Cross-site Scripting 		CVE-2017-6877 2024-11-21 12:30 2017-03-14 Show GitHub Exploit DB Packet Storm
248792 7.0 HIGH
Local 		linux linux_kernel Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via cr… CWE-362
CWE-416
Race Condition
 Use After Free 		CVE-2017-6874 2024-11-21 12:30 2017-03-14 Show GitHub Exploit DB Packet Storm
248793 6.1 MEDIUM
Network 		uninett mod_auth_mellon mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Transfer attack, where a user with access to one web site running on a server can copy their session cookie to a different web site… CWE-79
Cross-site Scripting 		CVE-2017-6807 2024-11-21 12:30 2017-03-13 Show GitHub Exploit DB Packet Storm
248794 8.8 HIGH
Network 		fiyo fiyo_cms Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level parameter to dapur/ in an app=user&act=edit action. CWE-294
Authentication Bypass by Capture-replay  		CVE-2017-6823 2024-11-21 12:30 2017-03-12 Show GitHub Exploit DB Packet Storm
248795 6.1 MEDIUM
Network 		roundcube webmail rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element. CWE-79
Cross-site Scripting 		CVE-2017-6820 2024-11-21 12:30 2017-03-12 Show GitHub Exploit DB Packet Storm
248796 6.5 MEDIUM
Network 		wordpress wordpress In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an … CWE-352
 Origin Validation Error 		CVE-2017-6819 2024-11-21 12:30 2017-03-12 Show GitHub Exploit DB Packet Storm
248797 6.1 MEDIUM
Network 		wordpress wordpress In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names. CWE-79
Cross-site Scripting 		CVE-2017-6818 2024-11-21 12:30 2017-03-12 Show GitHub Exploit DB Packet Storm
248798 5.4 MEDIUM
Network 		wordpress
debian 		wordpress
debian_linux 		In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds. CWE-79
Cross-site Scripting 		CVE-2017-6817 2024-11-21 12:30 2017-03-12 Show GitHub Exploit DB Packet Storm
248799 4.9 MEDIUM
Network 		wordpress
debian 		wordpress
debian_linux 		In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by administrators using the plugin deletion functionality. CWE-863
 Incorrect Authorization 		CVE-2017-6816 2024-11-21 12:30 2017-03-12 Show GitHub Exploit DB Packet Storm
248800 6.1 MEDIUM
Network 		wordpress
debian 		wordpress
debian_linux 		In WordPress before 4.7.3 (wp-includes/pluggable.php), control characters can trick redirect URL validation. CWE-20
 Improper Input Validation  		CVE-2017-6815 2024-11-21 12:30 2017-03-12 Show GitHub Exploit DB Packet Storm