Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258101 4.3 警告 シトリックス・システムズ - 複数の Citrix XenServer 製品の XenAPI HTTP インターフェイスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3253 2010-09-14 15:54 2008-07-16 Show GitHub Exploit DB Packet Storm
258102 7.5 危険 シトリックス・システムズ - Citrix XenCenterWeb の XenServer Resource Kit における PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3760 2010-09-14 15:54 2009-10-22 Show GitHub Exploit DB Packet Storm
258103 6 警告 シトリックス・システムズ - Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-3759 2010-09-14 15:54 2009-10-22 Show GitHub Exploit DB Packet Storm
258104 7.5 危険 シトリックス・システムズ - Citrix XenCenterWeb の XenServer Resource Kit における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-3758 2010-09-14 15:53 2009-10-22 Show GitHub Exploit DB Packet Storm
258105 4.3 警告 シトリックス・システムズ - Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-3757 2010-09-14 15:53 2009-10-22 Show GitHub Exploit DB Packet Storm
258106 7.2 危険 シトリックス・システムズ - Xen の xend におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-5716 2010-09-14 15:53 2008-12-24 Show GitHub Exploit DB Packet Storm
258107 6 警告 VMware - VMware Studio の Virtual Appliance Management Infrastructure における任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-2667 2010-09-13 16:05 2010-07-13 Show GitHub Exploit DB Packet Storm
258108 4.4 警告 VMware - VMware Studio における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2427 2010-09-13 16:05 2010-07-13 Show GitHub Exploit DB Packet Storm
258109 6.8 警告 VMware - VMware SpringSource tc Server Runtime における JMX インターフェイスへのアクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2010-1454 2010-09-13 16:05 2010-05-13 Show GitHub Exploit DB Packet Storm
258110 4.3 警告 VMware - VMware View におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1143 2010-09-13 16:04 2010-05-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
258951 5.4 MEDIUM
Network 		cybozu garoon Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another user's file through a specially crafted page. NVD-CWE-noinfo
CVE-2017-2144 2024-11-21 12:22 2017-07-7 Show GitHub Exploit DB Packet Storm
258952 5.4 MEDIUM
Network 		tenable nessus Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2017-2122 2024-11-21 12:22 2017-05-13 Show GitHub Exploit DB Packet Storm
258953 7.5 HIGH
Network 		seil x86_fuji_firmware
bpv_4_firmware
x1_firmware
x2_firmware
b1_firmware 		SEIL/x86 Fuji 1.70 to 5.62, SEIL/BPV4 5.00 to 5.62, SEIL/X1 1.30 to 5.62, SEIL/X2 1.30 to 5.62, SEIL/B1 1.00 to 5.62 allows remote attackers to cause a denial of service via specially crafted IPv4 UD… CWE-20
 Improper Input Validation  		CVE-2017-2153 2024-11-21 12:22 2017-04-29 Show GitHub Exploit DB Packet Storm
258954 7.8 HIGH
Local 		justsystems hanako
hanako_police
just_school
just_frontier
just_police
hanako_pro
just_office
just_government
just_jump_class 		Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 & Tri-De DataProtect Package, JU… CWE-20
 Improper Input Validation  		CVE-2017-2154 2024-11-21 12:22 2017-04-29 Show GitHub Exploit DB Packet Storm
258955 6.8 MEDIUM
Adjacent 		buffalo_inc wnc01wh_firmware WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS commands via unspecified vectors. CWE-78
OS Command  		CVE-2017-2152 2024-11-21 12:22 2017-04-29 Show GitHub Exploit DB Packet Storm
258956 6.1 MEDIUM
Network 		booking_calendar_project booking_calendar Cross-site scripting vulnerability in Booking Calendar version 7.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2017-2151 2024-11-21 12:22 2017-04-29 Show GitHub Exploit DB Packet Storm
258957 5.3 MEDIUM
Network 		booking_calendar_project booking_calendar Directory traversal vulnerability in Booking Calendar version 7.0 and earlier allows remote attackers to read arbitrary files via specially crafted captcha_chalange parameter. CWE-22
Path Traversal 		CVE-2017-2150 2024-11-21 12:22 2017-04-29 Show GitHub Exploit DB Packet Storm
258958 8.8 HIGH
Network 		toshiba flashair Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded w… CWE-426
 Untrusted Search Path 		CVE-2017-2149 2024-11-21 12:22 2017-04-29 Show GitHub Exploit DB Packet Storm
258959 5.4 MEDIUM
Network 		iodata wn-ac1167gr_firmware Cross-site scripting vulnerability in WN-AC1167GR firmware version 1.04 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2017-2148 2024-11-21 12:22 2017-04-29 Show GitHub Exploit DB Packet Storm
258960 6.1 MEDIUM
Network 		wp-statistics wp_statistics Cross-site scripting vulnerability in WP Statistics version 12.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2017-2147 2024-11-21 12:22 2017-04-29 Show GitHub Exploit DB Packet Storm