Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257231	5	警告	アップルサイバートラスト株式会社 VMware サン・マイクロシステムズレッドハット	-	Sun Java SE および OpenJDK の Java Runtime Environment (JRE) におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-3728	2010-02-23 11:51	2009-11-9	Show	GitHub Exploit DB Packet Storm

257232	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0248	2010-02-22 12:15	2010-01-21	Show	GitHub Exploit DB Packet Storm

257233	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0244	2010-02-22 12:15	2010-01-21	Show	GitHub Exploit DB Packet Storm

257234	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer の URL 検証における任意のローカルプログラムを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0027	2010-02-22 12:15	2010-01-21	Show	GitHub Exploit DB Packet Storm

257235	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0247	2010-02-22 12:14	2010-01-21	Show	GitHub Exploit DB Packet Storm

257236	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0246	2010-02-22 12:14	2010-01-21	Show	GitHub Exploit DB Packet Storm

257237	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0245	2010-02-22 12:13	2010-01-21	Show	GitHub Exploit DB Packet Storm

257238	4.3	警告	マイクロソフト	-	Microsoft Internet Explorer の XSS フィルタにおけるクロスサイトスクリプティングの脆弱性	CWE-DesignError	CVE-2009-4074	2010-02-22 12:13	2009-11-25	Show	GitHub Exploit DB Packet Storm

257239	6.6	警告	マイクロソフト	-	Microsoft Windows の kernel における権限昇格の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0232	2010-02-22 12:12	2010-01-20	Show	GitHub Exploit DB Packet Storm

257240	10	危険	Rockwell Automation	-	Rockwell Automation Allen-Bradley MicroLogix PLC に複数の脆弱性	CWE-noinfo 情報不足	CVE-2009-3739	2010-02-19 14:22	2010-01-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
247541	6.1	MEDIUM Network	gitlab	gitlab	An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2. The Move Issue feature contained a persistent XSS v…	CWE-79 Cross-site Scripting	CVE-2018-10379	2024-11-21 12:41	2018-06-1	Show	GitHub Exploit DB Packet Storm

247542	5.3	MEDIUM Network	samsung	samsung_mobile	A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in mem…	CWE-190 Integer Overflow or Wraparound	CVE-2018-10751	2024-11-21 12:41	2018-05-30	Show	GitHub Exploit DB Packet Storm

247543	9.8	CRITICAL Network	zohocorp	manageengine_adaudit_plus	Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100 allows blind SQL Injection.	CWE-89 SQL Injection	CVE-2018-10466	2024-11-21 12:41	2018-05-30	Show	GitHub Exploit DB Packet Storm

247544	5.3	MEDIUM Network	dataiku	data_science_studio	The REST API in Dataiku DSS before 4.2.3 allows remote attackers to obtain sensitive information (i.e., determine if a username is valid) because of profile pictures visibility.	CWE-200 Information Exposure	CVE-2018-10732	2024-11-21 12:41	2018-05-29	Show	GitHub Exploit DB Packet Storm

247545	8.8	HIGH Network	trendmicro	smart_protection_server	A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to …	CWE-89 SQL Injection	CVE-2018-10350	2024-11-21 12:41	2018-05-26	Show	GitHub Exploit DB Packet Storm

247546	6.3	MEDIUM Adjacent	bd	database_manager performa reada	A vulnerability in ReadA version 1.1.0.2 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) …	CWE-89 SQL Injection	CVE-2018-10595	2024-11-21 12:41	2018-05-25	Show	GitHub Exploit DB Packet Storm

247547	5.6	MEDIUM Adjacent	bd	database_manager performa reada	A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA,…	CWE-89 SQL Injection	CVE-2018-10593	2024-11-21 12:41	2018-05-25	Show	GitHub Exploit DB Packet Storm

247548	6.1	MEDIUM Network	ilias	ilias	ILIAS before 5.1.26, 5.2.x before 5.2.15, and 5.3.x before 5.3.4, due to inconsistencies in parameter handling, is vulnerable to various instances of reflected cross-site-scripting.	CWE-79 Cross-site Scripting	CVE-2018-10428	2024-11-21 12:41	2018-05-24	Show	GitHub Exploit DB Packet Storm

247549	8.1	HIGH Network	citrix	xenmobile_server	There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.	CWE-502 Deserialization of Untrusted Data	CVE-2018-10654	2024-11-21 12:41	2018-05-24	Show	GitHub Exploit DB Packet Storm

247550	9.8	CRITICAL Network	citrix	xenmobile_server	There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.	CWE-611 XXE	CVE-2018-10653	2024-11-21 12:41	2018-05-24	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed