Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255641	4.3	警告	アドビシステムズ	-	Adobe ColdFusion の Administrator ページにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1293	2010-06-2 12:14	2010-05-11	Show	GitHub Exploit DB Packet Storm

255642	4.3	警告	アドビシステムズ	-	Adobe ColdFusion におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3467	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

255643	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の pami RIFF chunk 構文解析における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-1292	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

255644	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1291	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

255645	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1290	2010-06-2 12:13	2010-05-11	Show	GitHub Exploit DB Packet Storm

255646	9.3	危険	ジャストシステム	-	一太郎シリーズにおける任意のコードが実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-2152	2010-06-1 16:01	2010-06-1	Show	GitHub Exploit DB Packet Storm

255647	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1289	2010-06-1 15:45	2010-05-11	Show	GitHub Exploit DB Packet Storm

255648	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1288	2010-06-1 15:45	2010-05-11	Show	GitHub Exploit DB Packet Storm

255649	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1287	2010-06-1 15:45	2010-05-11	Show	GitHub Exploit DB Packet Storm

255650	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1286	2010-06-1 15:44	2010-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
285271	-	siemens	simatic_wincc_open_architecture	Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999.	CWE-22 Path Traversal	CVE-2014-1698	2024-11-21 11:04	2014-02-7	Show	GitHub Exploit DB Packet Storm

285272	-	siemens	simatic_wincc_open_architecture	The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999.	NVD-CWE-noinfo	CVE-2014-1697	2024-11-21 11:04	2014-02-7	Show	GitHub Exploit DB Packet Storm

285273	-	siemens	simatic_wincc_open_architecture	Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash algorithm for passwords, which makes it easier for remote attackers to obtain access via a brute-force attack.	CWE-310 Cryptographic Issues	CVE-2014-1696	2024-11-21 11:04	2014-02-7	Show	GitHub Exploit DB Packet Storm

285274	-	symantec	encryption_management_server	The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of ar…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-1643	2024-11-21 11:04	2014-02-7	Show	GitHub Exploit DB Packet Storm

285275	-	citrix	xenmobile_device_manager xenmobile_device_manager_mdm	Unspecified vulnerability in Citrix XenMobile Device Manager server (formerly Zenprise Device Manager server) 8.5, 8.6, and MDM 8.0.1 allows remote attackers to obtain sensitive information via unkno…	NVD-CWE-noinfo	CVE-2014-1663	2024-11-21 11:04	2014-02-7	Show	GitHub Exploit DB Packet Storm

285276	-	mozilla oracle fedoraproject suse opensuse debian canonical	network_security_services seamonkey firefox firefox_esr thunderbird enterprise_manager_ops_center vm_server fedora linux_enterprise_desktop linux_enterprise_server opens…	Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does n…	CWE-326 Inadequate Encryption Strength	CVE-2014-1491	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285277	-	mozilla oracle fedoraproject suse opensuse debian canonical	network_security_services seamonkey firefox firefox_esr thunderbird enterprise_manager_ops_center vm_server fedora linux_enterprise_desktop linux_enterprise_server opens…	Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24…	CWE-362 Race Condition	CVE-2014-1490	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285278	-	oracle suse mozilla opensuse_project opensuse canonical	solaris linux_enterprise_desktop linux_enterprise_server linux_enterprise_software_development_kit firefox opensuse ubuntu_linux	Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-1489	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285279	-	mozilla canonical oracle suse opensuse	seamonkey firefox ubuntu_linux solaris linux_enterprise_desktop linux_enterprise_server opensuse linux_enterprise_software_development_kit	The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that ha…	NVD-CWE-noinfo	CVE-2014-1488	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm

285280	-	mozilla oracle canonical suse opensuse	seamonkey firefox solaris ubuntu_linux linux_enterprise_desktop linux_enterprise_server opensuse linux_enterprise_software_development_kit	The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directiv…	NVD-CWE-noinfo	CVE-2014-1485	2024-11-21 11:04	2014-02-6	Show	GitHub Exploit DB Packet Storm