Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256451 7.5 危険 The PHP Group - PHP の sqlite_single_query および sqlite_array_query 関数における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1868 2010-08-18 18:26 2010-05-7 Show GitHub Exploit DB Packet Storm
256452 7.5 危険 The PHP Group - PHP の dechunk フィルタにおけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2010-1866 2010-08-18 18:26 2010-05-2 Show GitHub Exploit DB Packet Storm
256453 5 警告 The PHP Group - PHP の chunk_split 関数における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-1862 2010-08-18 18:25 2010-05-4 Show GitHub Exploit DB Packet Storm
256454 5 警告 The PHP Group - PHP の addcslashes 関数における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-1864 2010-08-17 17:37 2010-05-3 Show GitHub Exploit DB Packet Storm
256455 5 警告 The PHP Group - PHP における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-2190 2010-08-17 17:36 2010-05-30 Show GitHub Exploit DB Packet Storm
256456 6.4 警告 The PHP Group - PHP における重要な情報を取得される脆弱性 CWE-119
バッファエラー 		CVE-2010-2191 2010-08-17 17:35 2010-05-31 Show GitHub Exploit DB Packet Storm
256457 5 警告 The PHP Group - PHP の Zend Engine における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-1914 2010-08-17 17:34 2010-05-8 Show GitHub Exploit DB Packet Storm
256458 6.4 警告 The PHP Group - PHP の sysvshm 拡張における任意のメモリアドレスを書かれる脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1861 2010-08-17 17:33 2010-05-5 Show GitHub Exploit DB Packet Storm
256459 4.3 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - 複数の Mozilla 製品における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-0654 2010-08-16 18:57 2010-02-18 Show GitHub Exploit DB Packet Storm
256460 7.6 危険 アップル - Apple Safari における window オブジェクトの処理に脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1939 2010-08-16 15:08 2010-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
316401 5.4 MEDIUM
Network 		yogeshojha rengine reNgine is an automated reconnaissance framework for web applications. Versions 2.1.2 and prior are susceptible to Stored Cross-Site Scripting (XSS) attacks. This vulnerability occurs when scanning a… CWE-79
Cross-site Scripting 		CVE-2024-43381 2024-09-11 22:02 2024-08-17 Show GitHub Exploit DB Packet Storm
316402 9.8 CRITICAL
Network 		h3c magic_b1st_firmware H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. CWE-798
 Use of Hard-coded Credentials 		CVE-2024-42638 2024-09-11 21:53 2024-08-17 Show GitHub Exploit DB Packet Storm
316403 7.5 HIGH
Network 		google android In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution pri… CWE-120
Classic Buffer Overflow 		CVE-2024-34727 2024-09-11 21:43 2024-08-16 Show GitHub Exploit DB Packet Storm
316404 8.2 HIGH
Network 		xpdfreader xpdf In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read fro… CWE-908
 Use of Uninitialized Resource 		CVE-2024-7868 2024-09-11 21:40 2024-08-16 Show GitHub Exploit DB Packet Storm
316405 8.8 HIGH
Network 		xyzscripts insert_php_code_snippet Cross-Site Request Forgery (CSRF) vulnerability in xyzscripts.Com Insert PHP Code Snippet.This issue affects Insert PHP Code Snippet: from n/a through 1.3.6. CWE-352
 Origin Validation Error 		CVE-2024-43275 2024-09-11 21:33 2024-08-15 Show GitHub Exploit DB Packet Storm
316406 - - - Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in the Command Centre Server and Workstations may allow an attacker to perform Remote Code Execution (RCE). This issue affects: Comm… - CVE-2024-43690 2024-09-11 14:15 2024-09-11 Show GitHub Exploit DB Packet Storm
316407 - - - Versions of the package dset before 3.1.4 are vulnerable to Prototype Pollution via the dset function due improper user input sanitization. This vulnerability allows the attacker to inject malicious … - CVE-2024-21529 2024-09-11 14:15 2024-09-11 Show GitHub Exploit DB Packet Storm
316408 - - - Affected versions of Octopus Server had a weak content security policy. - CVE-2024-1656 2024-09-11 14:15 2024-09-11 Show GitHub Exploit DB Packet Storm
316409 - - - Incorrect Calculation of Buffer Size (CWE-131) in the Controller 6000 and Controller 7000 OSDP message handling, allows an attacker with physical access to Controller wiring to instigate a reboot lea… - CVE-2024-39808 2024-09-11 13:15 2024-09-11 Show GitHub Exploit DB Packet Storm
316410 - - - Buffer Copy without Checking Size of Input (CWE-120) in the Controller 6000 and Controller 7000 diagnostic web interface allows an authorised and authenticated operator to reboot the Controller, caus… - CVE-2024-24972 2024-09-11 13:15 2024-09-11 Show GitHub Exploit DB Packet Storm