Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256041 6.6 警告 マイクロソフト - Microsoft Windows の win32k.sys 内にある Windows カーネルモードドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1894 2010-09-2 14:04 2010-08-10 Show GitHub Exploit DB Packet Storm
256042 4.4 警告 マイクロソフト - Microsoft Windows の win32k.sys 内にある Windows カーネルモードドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-1887 2010-09-2 14:04 2010-08-10 Show GitHub Exploit DB Packet Storm
256043 4.6 警告 マイクロソフト - Microsoft Windows のカーネルにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-1890 2010-09-1 15:19 2010-08-10 Show GitHub Exploit DB Packet Storm
256044 9.3 危険 マイクロソフト - Microsoft Windows の Cinepak コーデックにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2553 2010-09-1 15:19 2010-08-10 Show GitHub Exploit DB Packet Storm
256045 7.8 危険 マイクロソフト - Microsoft Windows の SMB サーバーにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2552 2010-09-1 15:19 2010-08-10 Show GitHub Exploit DB Packet Storm
256046 7.8 危険 マイクロソフト - Microsoft Windows の SMB サーバーにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2551 2010-09-1 15:19 2010-08-10 Show GitHub Exploit DB Packet Storm
256047 10 危険 マイクロソフト - Microsoft Windows の SMB サーバーにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-2550 2010-09-1 15:17 2010-08-10 Show GitHub Exploit DB Packet Storm
256048 9.3 危険 マイクロソフト - Microsoft Office Word および Office Word Viewe における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1903 2010-09-1 15:17 2010-08-10 Show GitHub Exploit DB Packet Storm
256049 9.3 危険 マイクロソフト - 複数の Microsoft Office 製品におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1902 2010-09-1 15:17 2010-08-10 Show GitHub Exploit DB Packet Storm
256050 9.3 危険 マイクロソフト - 複数の Microsoft Office 製品における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1901 2010-09-1 15:17 2010-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
248831 5.9 MEDIUM
Network 		cayugalakenationalbank cayuga_lake_national_bank The cayuga-lake-national-bank/id1151601539 app 4.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive inform… CWE-295
Improper Certificate Validation  		CVE-2017-9560 2024-11-21 12:36 2017-06-16 Show GitHub Exploit DB Packet Storm
248832 5.9 MEDIUM
Network 		meafinancial vision_bank The MEA Financial vision-bank/id420406345 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive informa… CWE-295
Improper Certificate Validation  		CVE-2017-9559 2024-11-21 12:36 2017-06-16 Show GitHub Exploit DB Packet Storm
248833 5.9 MEDIUM
Network 		wawacu wawa_employees_credit_union_mobile The wawa-employees-credit-union-mobile/id1158082793 app 4.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensiti… CWE-295
Improper Certificate Validation  		CVE-2017-9558 2024-11-21 12:36 2017-06-16 Show GitHub Exploit DB Packet Storm
248834 7.5 HIGH
Network 		dlink dir-605l_firmware On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot. CWE-20
 Improper Input Validation  		CVE-2017-9675 2024-11-21 12:36 2017-06-16 Show GitHub Exploit DB Packet Storm
248835 6.1 MEDIUM
Network 		webhammer wp_custom_fields_search Cross-site scripting (XSS) vulnerability in the Webhammer WP Custom Fields Search plugin 0.3.28 for WordPress allows remote attackers to inject arbitrary JavaScript via the cs-all-0 parameter. CWE-79
Cross-site Scripting 		CVE-2017-9419 2024-11-21 12:36 2017-06-16 Show GitHub Exploit DB Packet Storm
248836 5.4 MEDIUM
Network 		simplece simplece In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?return_url=[XSS] exploitable as a regular or admin user. CWE-79
Cross-site Scripting 		CVE-2017-9674 2024-11-21 12:36 2017-06-16 Show GitHub Exploit DB Packet Storm
248837 8.8 HIGH
Network 		simplece simplece In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account (via the index.php/user/new URI) or change its settings (via the index.php/user/1 URI), including its password. CWE-352
 Origin Validation Error 		CVE-2017-9673 2024-11-21 12:36 2017-06-16 Show GitHub Exploit DB Packet Storm
248838 5.4 MEDIUM
Network 		sap successfactors Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors before b1705.1234962 allows remote authenticated users to inject arbitrary web script or HTML via the file upload functionality. CWE-79
Cross-site Scripting 		CVE-2017-9613 2024-11-21 12:36 2017-06-16 Show GitHub Exploit DB Packet Storm
248839 4.3 MEDIUM
Network 		atlassian confluence Atlassian Confluence starting with 4.3.0 before 6.2.1 did not check if a user had permission to view a page when creating a workbox notification about new comments. An attacker who can login to Confl… CWE-276
Incorrect Default Permissions  		CVE-2017-9505 2024-11-21 12:36 2017-06-16 Show GitHub Exploit DB Packet Storm
248840 7.8 HIGH
Local 		gnuplot_project gnuplot An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly hav… CWE-824
 Access of Uninitialized Pointer 		CVE-2017-9670 2024-11-21 12:36 2017-06-15 Show GitHub Exploit DB Packet Storm