Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256131	6.9	警告	アップルターボリナックス CUPS	-	CUPS の _cupsGetlang 関数における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0393	2010-04-13 15:17	2010-03-29	Show	GitHub Exploit DB Packet Storm

256132	6.8	警告	アップル	-	Apple Mac OS X の CoreTypes における任意の JavaScript を実行される脆弱性	CWE-Other その他	CVE-2010-0063	2010-04-13 15:17	2010-03-29	Show	GitHub Exploit DB Packet Storm

256133	6.8	警告	アップル	-	Apple Mac OS X の CoreMedia および QuickTime におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0062	2010-04-13 15:17	2010-03-29	Show	GitHub Exploit DB Packet Storm

256134	6.8	警告	アップル	-	Apple Mac OS X の CoreAudio における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0060	2010-04-13 15:16	2010-03-29	Show	GitHub Exploit DB Packet Storm

256135	6.8	警告	アップル	-	Apple Mac OS X の CoreAudio における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0059	2010-04-13 15:16	2010-03-29	Show	GitHub Exploit DB Packet Storm

256136	6.4	警告	アップル	-	Apple Mac OS X の ClamAV におけるシステムにウィルスを取り込む脆弱性	CWE-16 環境設定	CVE-2010-0058	2010-04-13 15:16	2010-03-29	Show	GitHub Exploit DB Packet Storm

256137	7.5	危険	アップル	-	Apple Mac OS X の AFP サーバにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0533	2010-04-13 15:16	2010-03-29	Show	GitHub Exploit DB Packet Storm

256138	7.5	危険	アップル	-	Apple Mac OS X の AFP サーバにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0057	2010-04-13 15:16	2010-03-29	Show	GitHub Exploit DB Packet Storm

256139	6.4	警告	アップル	-	Apple Mac OS X のアプリケーションファイアウォールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-2801	2010-04-13 15:15	2010-03-29	Show	GitHub Exploit DB Packet Storm

256140	6.8	警告	アップル	-	Apple Mac OS X の Cocoa のスペルチェック機能におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0056	2010-04-13 15:15	2010-03-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266901	9.8	CRITICAL Network	apache	struts	XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1 allows remote attackers to execute arbitrary code via the stylesheet location parameter.	CWE-20 Improper Input Validation	CVE-2016-3082	2024-11-21 11:49	2016-04-26	Show	GitHub Exploit DB Packet Storm

266902	8.1	HIGH Network	apache oracle	struts siebel_e-billing	Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to …	CWE-77 Command Injection	CVE-2016-3081	2024-11-21 11:49	2016-04-26	Show	GitHub Exploit DB Packet Storm

266903	9.8	CRITICAL Network	libgd debian fedoraproject canonical opensuse php	libgd debian_linux fedora ubuntu_linux opensuse php	Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed g…	CWE-681 Incorrect Conversion between Numeric Types	CVE-2016-3074	2024-11-21 11:49	2016-04-26	Show	GitHub Exploit DB Packet Storm

266904	6.1	MEDIUM Network	blackberry	enterprise_server	Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted …	CWE-79 Cross-site Scripting	CVE-2016-3126	2024-11-21 11:49	2016-04-23	Show	GitHub Exploit DB Packet Storm

266905	4.6	MEDIUM Physics	lexmark	printer_firmware	Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows ph…	CWE-200 Information Exposure	CVE-2016-3145	2024-11-21 11:49	2016-04-22	Show	GitHub Exploit DB Packet Storm

266906	7.5	HIGH Network	opensuse cairographics	opensuse cairo	The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a neg…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-3190	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

266907	6.4	MEDIUM Network	oracle	agile_product_lifecycle_management_framework	Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and in…	NVD-CWE-noinfo	CVE-2016-3431	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

266908	4.5	MEDIUM Physics	oracle	retail_xstore_point_of_service	Unspecified vulnerability in the Oracle Retail Xstore Point of Service component in Oracle Retail Applications 5.0, 5.5, 6.0, 6.5, 7.0, and 7.1 allows remote authenticated users to affect confidentia…	NVD-CWE-noinfo	CVE-2016-3429	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

266909	3.1	LOW Adjacent	oracle	agile_engineering_data_management	Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect availability via vector…	NVD-CWE-noinfo	CVE-2016-3428	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm

266910	3.1	LOW Network	oracle	jdk jre	Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.	NVD-CWE-noinfo	CVE-2016-3426	2024-11-21 11:49	2016-04-21	Show	GitHub Exploit DB Packet Storm