Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 10:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258371 7.2 危険 マイクロソフト - Microsoft Windows の Windows Task Scheduler における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3338 2011-01-14 15:31 2010-12-14 Show GitHub Exploit DB Packet Storm
258372 6.9 警告 マイクロソフト - Microsoft Windows の OpenType Font ドライバにおける権限昇格の脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3959 2011-01-14 15:27 2010-12-14 Show GitHub Exploit DB Packet Storm
258373 5 警告 アップル
サイバートラスト株式会社
OpenLDAP Foundation
ターボリナックス
VMware
レッドハット		 - OpenLDAP の IA5StringNormalize 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0212 2011-01-14 14:45 2010-06-30 Show GitHub Exploit DB Packet Storm
258374 5 警告 アップル
サイバートラスト株式会社
OpenLDAP Foundation
ターボリナックス
VMware
レッドハット		 - OpenLDAP の slap_modrdn2mods 関数における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0211 2011-01-14 14:45 2010-06-30 Show GitHub Exploit DB Packet Storm
258375 6.2 警告 サイバートラスト株式会社
VMware
Todd C. Miller
レッドハット		 - sudo における権限昇格の脆弱性 CWE-DesignError
CVE-2010-2956 2011-01-14 14:44 2010-09-7 Show GitHub Exploit DB Packet Storm
258376 - - GNU Project
VMware
サイバートラスト株式会社
レッドハット		 - glibc に権限昇格の脆弱性 - CVE-2010-3847 2011-01-14 14:42 2010-10-26 Show GitHub Exploit DB Packet Storm
258377 7.8 危険 マイクロソフト
アドビシステムズ
日本電気		 - Microsoft Visual Studio の ATL における終端文字列の処理に関する重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-2495 2011-01-14 14:33 2009-07-28 Show GitHub Exploit DB Packet Storm
258378 9.3 危険 サン・マイクロシステムズ
アドビシステムズ
日本電気
マイクロソフト
OpenOffice.org Project		 - Microsoft Visual Studio の ATL におけるオブジェクトのインスタンス化処理に関する任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-2493 2011-01-14 14:32 2009-07-28 Show GitHub Exploit DB Packet Storm
258379 9.3 危険 マイクロソフト
アドビシステムズ
日本電気		 - Microsoft Visual Studio の ATL における未初期化オブジェクト処理に関する任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-0901 2011-01-14 14:31 2009-07-28 Show GitHub Exploit DB Packet Storm
258380 6.9 警告 マイクロソフト - Microsoft Windows の OpenType Font ドライバにおける権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-3957 2011-01-13 16:22 2010-12-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
269641 6.1 MEDIUM
Network 		jqueryui
oracle
fedoraproject
netapp
redhat
juniper
debian 		jquery_ui
weblogic_server
business_intelligence
hospitality_cruise_fleet_management
application_express
primavera_unifier
siebel_ui_framework
oss_support_tools
fedora
snapc… 		Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. CWE-79
Cross-site Scripting 		CVE-2016-7103 2024-11-21 11:57 2017-03-16 Show GitHub Exploit DB Packet Storm
269642 5.5 MEDIUM
Local 		libgd libgd The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related t… CWE-125
Out-of-bounds Read 		CVE-2016-6906 2024-11-21 11:57 2017-03-15 Show GitHub Exploit DB Packet Storm
269643 6.1 MEDIUM
Network 		plone plone Multiple cross-site scripting (XSS) vulnerabilities in the ZMI page in Zope2 in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to inject arbitrary web… CWE-79
Cross-site Scripting 		CVE-2016-7140 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
269644 6.1 MEDIUM
Network 		plone plone Cross-site scripting (XSS) vulnerability in an unspecified page template in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web sc… CWE-79
Cross-site Scripting 		CVE-2016-7139 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
269645 6.1 MEDIUM
Network 		plone plone Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web… CWE-79
Cross-site Scripting 		CVE-2016-7138 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
269646 6.1 MEDIUM
Network 		plone plone Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing… CWE-601
Open Redirect 		CVE-2016-7137 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
269647 6.1 MEDIUM
Network 		plone plone z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted GET request. CWE-79
Cross-site Scripting 		CVE-2016-7136 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
269648 4.9 MEDIUM
Network 		plone plone Directory traversal vulnerability in Plone CMS 5.x through 5.0.6 and 4.2.x through 4.3.11 allows remote administrators to read arbitrary files via a .. (dot dot) in the path parameter in a getFile ac… CWE-22
Path Traversal 		CVE-2016-7135 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
269649 9.8 CRITICAL
Network 		nefarious2_project nefarious2 The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE paramet… CWE-287
Improper Authentication 		CVE-2016-7145 2024-11-21 11:57 2017-03-8 Show GitHub Exploit DB Packet Storm
269650 5.5 MEDIUM
Local 		dropbear_ssh_project dropbear_ssh The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUG_TRACE, allows local users to read process memory via the -v argument, related to a failed remote ident. CWE-200
Information Exposure 		CVE-2016-7409 2024-11-21 11:57 2017-03-4 Show GitHub Exploit DB Packet Storm