Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 25, 2026, 12:07 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256591 4.3 警告 サイバートラスト株式会社
レッドハット		 - Red Hat および MIRACLE LINUX の sendmail におけるメール送信元を偽装される脆弱性 - CVE-2006-7176 2010-04-27 15:18 2007-03-27 Show GitHub Exploit DB Packet Storm
256592 6.9 警告 アップル - Windows 上で稼働する Apple iTunes のインストールパッケージにおける権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-0532 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
256593 4.3 警告 アップル - Apple iTunes におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0531 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
256594 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0536 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
256595 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime の QuickTime.qts における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0529 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
256596 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0528 2010-04-26 16:58 2010-03-31 Show GitHub Exploit DB Packet Storm
256597 9.3 危険 アップル - Apple QuickTime における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-0527 2010-04-26 16:58 2010-03-31 Show GitHub Exploit DB Packet Storm
256598 5 警告 アップル
サイバートラスト株式会社
Ruby-lang.org
レッドハット		 - Ruby の BigDecimal ライブラリにおけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2009-1904 2010-04-26 16:46 2009-06-9 Show GitHub Exploit DB Packet Storm
256599 6.9 警告 アップル
Vim		 - Vim の Python インターフェースの src/if_python.c における信頼性のない検索パスの脆弱性 CWE-Other
その他 		CVE-2009-0316 2010-04-26 16:45 2009-01-28 Show GitHub Exploit DB Packet Storm
256600 9.3 危険 アップル
サイバートラスト株式会社
Vim
レッドハット		 - Vim におけるエスケープ文字を適切に処理しないことに関する任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4101 2010-04-26 16:45 2008-10-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
269301 7.5 HIGH
Network 		minimatch_project minimatch Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript `RegExp` objects. The primary function, `minimatch(path, pattern)` in Minimatch 3.0.1 and earlier is … CWE-20
 Improper Input Validation  		CVE-2016-10540 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
269302 7.5 HIGH
Network 		negotiator_project negotiator negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for "Accept-Language", when parsed by negotiator 0.6.0 and earlie… CWE-20
 Improper Input Validation  		CVE-2016-10539 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
269303 3.5 LOW
Network 		cli_project
debian 		cli
debian_linux 		The package `node-cli` before 1.0.0 insecurely uses the lock_file and log_file. Both of these are temporary, but it allows the starting user to overwrite any file they have access to. CWE-362
Race Condition 		CVE-2016-10538 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
269304 5.4 MEDIUM
Network 		backbone_project backbone backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site… CWE-79
Cross-site Scripting 		CVE-2016-10537 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
269305 5.9 MEDIUM
Network 		socket engine.io-client engine.io-client is the client for engine.io, the implementation of a transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. The vulnerability is related to the … CWE-295
Improper Certificate Validation  		CVE-2016-10536 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
269306 5.9 MEDIUM
Network 		csrf-lite_project csrf-lite csrf-lite is a cross-site request forgery protection library for framework-less node sites. csrf-lite uses `===`, a fail first string comparison, instead of a time constant string comparison This ena… CWE-310
Cryptographic Issues 		CVE-2016-10535 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
269307 5.9 MEDIUM
Network 		electron-packager_project electron-packager electron-packager is a command line tool that packages Electron source code into `.app` and `.exe` packages. along with Electron. The `--strict-ssl` command line option in electron-packager >= 5.2.1 … CWE-295
Improper Certificate Validation  		CVE-2016-10534 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
269308 6.1 MEDIUM
Network 		marked_project marked marked is an application that is meant to parse and compile markdown. Due to the way that marked 0.3.5 and earlier parses input, specifically HTML entities, it's possible to bypass marked's content i… CWE-79
Cross-site Scripting 		CVE-2016-10531 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
269309 5.9 MEDIUM
Network 		airbrake airbrake The airbrake module 0.3.8 and earlier defaults to sending environment variables over HTTP. Environment variables can often times contain secret keys and other sensitive values. A malicious user could… CWE-310
CWE-200
Cryptographic Issues
Information Exposure 		CVE-2016-10530 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
269310 8.8 HIGH
Network 		droppy_project droppy Droppy versions <3.5.0 does not perform any verification for cross-domain websocket requests. An attacker is able to make a specially crafted page that can send requests as the context of the current… CWE-352
 Origin Validation Error 		CVE-2016-10529 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm