Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 2:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256061 6.9 警告 アップル - Windows 上で稼働する Apple iTunes のインストールパッケージにおける権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-0532 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
256062 4.3 警告 アップル - Apple iTunes におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0531 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
256063 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0536 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
256064 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime の QuickTime.qts における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0529 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
256065 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0528 2010-04-26 16:58 2010-03-31 Show GitHub Exploit DB Packet Storm
256066 9.3 危険 アップル - Apple QuickTime における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-0527 2010-04-26 16:58 2010-03-31 Show GitHub Exploit DB Packet Storm
256067 5 警告 アップル
サイバートラスト株式会社
Ruby-lang.org
レッドハット		 - Ruby の BigDecimal ライブラリにおけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2009-1904 2010-04-26 16:46 2009-06-9 Show GitHub Exploit DB Packet Storm
256068 6.9 警告 アップル
Vim		 - Vim の Python インターフェースの src/if_python.c における信頼性のない検索パスの脆弱性 CWE-Other
その他 		CVE-2009-0316 2010-04-26 16:45 2009-01-28 Show GitHub Exploit DB Packet Storm
256069 9.3 危険 アップル
サイバートラスト株式会社
Vim
レッドハット		 - Vim におけるエスケープ文字を適切に処理しないことに関する任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4101 2010-04-26 16:45 2008-10-9 Show GitHub Exploit DB Packet Storm
256070 9.3 危険 アップル
サイバートラスト株式会社
Vim
レッドハット		 - Vim における適切に入力をサニタイズしないことに関する任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2712 2010-04-26 16:45 2008-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
249511 7.8 HIGH
Local 		audiofile audiofile Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impa… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-6827 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
249512 6.1 MEDIUM
Network 		shishnet shimmie An issue was discovered in Shimmie <= 2.5.1. The vulnerability exists due to insufficient filtration of user-supplied data (log) passed to the "shimmie2-master/ext/chatbox/history/index.php" URL. An … CWE-79
Cross-site Scripting 		CVE-2017-6909 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
249513 6.1 MEDIUM
Network 		concrete5 concrete5 An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (fID) passed to the "concrete5-legacy-master/web/concrete/tools/files/se… CWE-79
Cross-site Scripting 		CVE-2017-6908 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
249514 6.1 MEDIUM
Network 		open.gl_project open.gl An issue was discovered in Open.GL before 2017-03-13. The vulnerability exists due to insufficient filtration of user-supplied data (content) passed to the "Open.GL-master/index.php" URL. An attacker… CWE-79
Cross-site Scripting 		CVE-2017-6907 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
249515 6.1 MEDIUM
Network 		siberiancms siberiancms An issue was discovered in SiberianCMS before 4.10.0. The vulnerability exists due to insufficient filtration of user-supplied data (log) passed to the "SiberianCMS-master/errors/500.php" URL. An a… CWE-79
Cross-site Scripting 		CVE-2017-6906 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
249516 6.1 MEDIUM
Network 		concrete5 concrete5 An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (disable_choose) passed to the "concrete5-legacy-master/web/concrete/too… CWE-79
Cross-site Scripting 		CVE-2017-6905 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
249517 7.8 HIGH
Local 		ioquake3 ioquake3 In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 (aka Quake 3 engin… NVD-CWE-noinfo
CVE-2017-6903 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
249518 8.8 HIGH
Network 		digisol dg-hr1400_router_firmware Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 wireless router enables an attacker to escalate from user privilege to admin privilege just by modifying the Base64-encoded session… CWE-565
 Reliance on Cookies without Validation and Integrity Checking 		CVE-2017-6896 2024-11-21 12:30 2017-03-15 Show GitHub Exploit DB Packet Storm
249519 4.7 MEDIUM
Local 		foxitsoftware foxit_reader
phantompdf 		The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read a… CWE-125
Out-of-bounds Read 		CVE-2017-6883 2024-11-21 12:30 2017-03-14 Show GitHub Exploit DB Packet Storm
249520 6.1 MEDIUM
Network 		lutim_project lutim Cross-site scripting (XSS) vulnerability in SVG file handling in Lutim 0.7.1 and earlier allows remote attackers to inject arbitrary web script. CWE-79
Cross-site Scripting 		CVE-2017-6877 2024-11-21 12:30 2017-03-14 Show GitHub Exploit DB Packet Storm