Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256321	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

256322	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266461	5.4	MEDIUM Network	fourkitchens fedoraproject	block_class fedora	Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitra…	CWE-79 Cross-site Scripting	CVE-2016-3144	2024-11-21 11:49	2016-04-16	Show	GitHub Exploit DB Packet Storm

266462	6.1	MEDIUM Network	redhat	satellite spacewalk-java	Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Spacewalk and Red Hat Satellite 5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to systems…	CWE-79 Cross-site Scripting	CVE-2016-3079	2024-11-21 11:49	2016-04-14	Show	GitHub Exploit DB Packet Storm

266463	3.8	LOW Local	oracle xen fedoraproject debian	vm_server xen fedora debian_linux	The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensiti…	CWE-200 CWE-284 Information Exposure Improper Access Control	CVE-2016-3159	2024-11-21 11:49	2016-04-14	Show	GitHub Exploit DB Packet Storm

266464	3.8	LOW Local	xen fedoraproject oracle	xen fedora vm_server	The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive …	CWE-200 CWE-284 Information Exposure Improper Access Control	CVE-2016-3158	2024-11-21 11:49	2016-04-14	Show	GitHub Exploit DB Packet Storm

266465	8.8	HIGH Network	mercurial debian suse opensuse fedoraproject redhat	mercurial debian_linux linux_enterprise_software_development_kit linux_enterprise_debuginfo opensuse leap fedora enterprise_linux_desktop enterprise_linux_server_aus enterp…	Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.	CWE-20 Improper Input Validation	CVE-2016-3069	2024-11-21 11:49	2016-04-14	Show	GitHub Exploit DB Packet Storm

266466	8.8	HIGH Network	debian mercurial fedoraproject redhat suse opensuse	debian_linux mercurial fedora enterprise_linux_desktop enterprise_linux_server_aus enterprise_linux_workstation enterprise_linux_server enterprise_linux_hpc_node enterprise_li…	Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.	CWE-20 Improper Input Validation	CVE-2016-3068	2024-11-21 11:49	2016-04-14	Show	GitHub Exploit DB Packet Storm

266467	8.8	HIGH Network	cacti	cacti	SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action.	CWE-89 SQL Injection	CVE-2016-3172	2024-11-21 11:49	2016-04-13	Show	GitHub Exploit DB Packet Storm

266468	7.8	HIGH Local	xen canonical	xen ubuntu_linux	The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS users to gain privileges, cause…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-3157	2024-11-21 11:49	2016-04-13	Show	GitHub Exploit DB Packet Storm

266469	8.1	HIGH Network	drupal debian	drupal debian_linux	Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data trunc…	CWE-19 Data Processing Errors	CVE-2016-3171	2024-11-21 11:49	2016-04-13	Show	GitHub Exploit DB Packet Storm

266470	5.3	MEDIUM Network	debian drupal	debian_linux drupal	The "have you forgotten your password" links in the User module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allow remote attackers to obtain sensitive username information by leveraging a configur…	CWE-200 Information Exposure	CVE-2016-3170	2024-11-21 11:49	2016-04-13	Show	GitHub Exploit DB Packet Storm