Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255601	9.3	危険	マイクロソフト	-	Microsoft Windows の SMB クライアント実装における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0016	2010-03-1 11:35	2010-02-9	Show	GitHub Exploit DB Packet Storm

255602	5	警告	日立	-	uCosminexus Portal Framework におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2010-02-26 11:36	2010-01-29	Show	GitHub Exploit DB Packet Storm

255603	2.6	注意	tDiary開発プロジェクト	-	tDiary 付属のプラグイン tb-send.rb におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0726	2010-02-25 15:03	2010-02-25	Show	GitHub Exploit DB Packet Storm

255604	4.3	警告	サン・マイクロシステムズ	-	Sun ONE/iPlanet Web Server における HTTP リクエストを非表示にされる脆弱性	CWE-Other その他	CVE-2003-1578	2010-02-25 12:36	2003-11-14	Show	GitHub Exploit DB Packet Storm

255605	2.6	注意	サン・マイクロシステムズ	-	Sun ONE/iPlanet Web Server におけるログファイルに任意のテキストを挿入される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2003-1577	2010-02-25 12:36	2003-11-14	Show	GitHub Exploit DB Packet Storm

255606	5	警告	IBM	-	IBM WebSphere Application Server の Single Sign-on 機能における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-0563	2010-02-25 12:35	2010-02-5	Show	GitHub Exploit DB Packet Storm

255607	5	警告	アップル	-	Apple Safari の WebKit における任意の Web サイトにリクエストされる脆弱性	CWE-Other その他	CVE-2009-2841	2010-02-25 12:33	2009-11-11	Show	GitHub Exploit DB Packet Storm

255608	10	危険	アップル	-	Apple Safari の WebKit における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2009-3384	2010-02-25 12:33	2009-11-11	Show	GitHub Exploit DB Packet Storm

255609	7.1	危険	Linux レッドハット	-	Linux kernel の icmp_send 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-0778	2010-02-25 12:33	2009-03-12	Show	GitHub Exploit DB Packet Storm

255610	7.2	危険	サイバートラスト株式会社 Linux レッドハット	-	Linux Kernel の audit_syscall_entry 関数におけるシステムコール監査設定を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-0834	2010-02-25 12:33	2009-03-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266451	6.1	MEDIUM Network	huawei	agile_controller-campus	Cross-site scripting (XSS) vulnerability in an unspecified portal authentication page in Huawei Agile Controller-Campus with software before V100R001C00SPC319 allows remote attackers to inject arbitr…	CWE-79 Cross-site Scripting	CVE-2016-2214	2024-11-21 11:48	2016-02-9	Show	GitHub Exploit DB Packet Storm

266452	9.8	CRITICAL Network	openelec	openelec	OpenELEC and RasPlex devices have a hardcoded password for the root account, which makes it easier for remote attackers to obtain access via an SSH session.	CWE-255 Credentials Management	CVE-2016-2230	2024-11-21 11:48	2016-02-9	Show	GitHub Exploit DB Packet Storm

266453	5.3	MEDIUM Network	siemens	simatic_s7-1500_cpu_firmware	Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to bypass a replay protection mechanism via packets on TCP port 102.	CWE-20 Improper Input Validation	CVE-2016-2201	2024-11-21 11:48	2016-02-9	Show	GitHub Exploit DB Packet Storm

266454	7.5	HIGH Network	siemens	simatic_s7-1500_cpu_firmware	Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to cause a denial of service (STOP mode transition) via crafted packets on TCP port 102.	CWE-20 Improper Input Validation	CVE-2016-2200	2024-11-21 11:48	2016-02-9	Show	GitHub Exploit DB Packet Storm

266455	6.5	MEDIUM Network	ffmpeg	ffmpeg	The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service (out-of-bounds array read access) via crafted JPEG 2000 data.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-2213	2024-11-21 11:48	2016-02-3	Show	GitHub Exploit DB Packet Storm

266456	8.8	HIGH Network	mcafee	vulnerability_manager	Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation management page in Enterprise Manager in McAfee Vulnerability Manager (MVM) before 7.5.10 allow remote …	CWE-352 Origin Validation Error	CVE-2016-2199	2024-11-21 11:48	2016-02-2	Show	GitHub Exploit DB Packet Storm

266457	-		-	-	In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products th…	-	CVE-2016-20022	2024-11-21 11:47	2024-06-28	Show	GitHub Exploit DB Packet Storm

266458	9.8	CRITICAL Network	gentoo	portage	In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-w…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2016-20021	2024-11-21 11:47	2024-01-12	Show	GitHub Exploit DB Packet Storm

266459	7.5	HIGH Network	knexjs	knex	Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query.	CWE-89 SQL Injection	CVE-2016-20018	2024-11-21 11:47	2022-12-19	Show	GitHub Exploit DB Packet Storm

266460	9.8	CRITICAL Network	dlink	dsl-2750b_firmware	D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022.	CWE-77 Command Injection	CVE-2016-20017	2024-11-21 11:47	2022-10-19	Show	GitHub Exploit DB Packet Storm