Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256071	6.9	警告	VMware	-	複数の VMware 製品の USB サービスにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1140	2010-07-14 17:27	2010-04-9	Show	GitHub Exploit DB Packet Storm

256072	9.3	危険	シマンテック	-	Symantec Workspace Streaming (旧 Symantec AppStream) に脆弱性	CWE-287 不適切な認証	CVE-2008-4389	2010-07-14 17:26	2010-06-22	Show	GitHub Exploit DB Packet Storm

256073	5.8	警告	アップル	-	Apple iOS の設定アプリケーションにおけるユーザを追跡可能な脆弱性	CWE-DesignError	CVE-2010-1756	2010-07-14 17:26	2010-06-22	Show	GitHub Exploit DB Packet Storm

256074	4.3	警告	アップル	-	Apple iOS の Safari におけるリモートの Web サーバがユーザを追跡可能な脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1755	2010-07-14 17:25	2010-06-22	Show	GitHub Exploit DB Packet Storm

256075	1.9	注意	アップル	-	Apple iOS のパスコードロックにおける任意のデータにアクセスされる脆弱性	CWE-362 競合状態	CVE-2010-1775	2010-07-14 17:25	2010-06-22	Show	GitHub Exploit DB Packet Storm

256076	6.9	警告	アップル	-	Apple iOS のパスコードロックにおけるパスコード要求を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1754	2010-07-14 17:25	2010-06-22	Show	GitHub Exploit DB Packet Storm

256077	6.8	警告	アップル	-	Apple iOS の ImageIO における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1753	2010-07-14 17:25	2010-06-22	Show	GitHub Exploit DB Packet Storm

256078	5	警告	アップル	-	Apple iOS の Application Sandbox におけるロケーション情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1751	2010-07-14 17:24	2010-06-22	Show	GitHub Exploit DB Packet Storm

256079	9.3	危険	アップル	-	Apple Safari の WebKit における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1774	2010-07-14 16:44	2010-06-10	Show	GitHub Exploit DB Packet Storm

256080	4.3	警告	アップル	-	Apple Safari の WebKit におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1762	2010-07-14 16:44	2010-06-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248781	6.1	MEDIUM Network	exponentcms	exponent_cms	In Exponent CMS before 2.4.1 Patch #5, XSS in elFinder is possible in framework/modules/file/connector/elfinder.php.	CWE-79 Cross-site Scripting	CVE-2017-8085	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

248782	6.1	MEDIUM Network	xoops	xoops	XOOPS Core 2.5.8.1 has XSS due to unescaped HTML output of an Install DB failure error message in page_dbsettings.php.	CWE-79 Cross-site Scripting	CVE-2017-7944	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

248783	6.5	MEDIUM Network	concretecms	concrete_cms	concrete5 8.1.0 has CSRF in Thumbnail Editor in the File Manager, which allows remote attackers to disable the entire installation by merely tricking an admin into viewing a malicious page involving …	CWE-352 Origin Validation Error	CVE-2017-8082	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

248784	5.3	MEDIUM Network	tp-link	tl-sg108e_firmware	On the TP-Link TL-SG108E 1.0, the upgrade process can be requested remotely without authentication (httpupg.cgi with a parameter called cmd). This affects the 1.1.2 Build 20141017 Rel.50749 firmware.	CWE-287 Improper Authentication	CVE-2017-8078	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

248785	7.5	HIGH Network	tp-link	tl-sg108e_firmware	On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with Ei2HNryt). This affects the 1.1.2 Build 20141017 Rel.50749 firmware.	CWE-798 Use of Hard-coded Credentials	CVE-2017-8077	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

248786	9.8	CRITICAL Network	tp-link	tl-sg108e_firmware	On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.	CWE-326 Inadequate Encryption Strength	CVE-2017-8076	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

248787	9.8	CRITICAL Network	tp-link	tl-sg108e_firmware	On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2017-8075	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

248788	9.8	CRITICAL Network	tp-link	tl-sg108e_firmware	On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmw…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2017-8074	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

248789	7.5	HIGH Network	weechat debian	weechat debian_linux	WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overfl…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-8073	2024-11-21 12:33	2017-04-24	Show	GitHub Exploit DB Packet Storm

248790	7.8	HIGH Local	linux	linux_kernel	The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local us…	CWE-388 7PK - Errors	CVE-2017-8072	2024-11-21 12:33	2017-04-23	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed