Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258761	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

258762	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

258763	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

258764	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
249831	8.8	HIGH Network	open-xchange	ox_guard	OX Guard 2.8.0 has CSRF.	CWE-352 Origin Validation Error	CVE-2018-10986	2024-11-21 12:42	2019-07-4	Show	GitHub Exploit DB Packet Storm

249832	6.1	MEDIUM Network	monstra	monstra_cms	Monstra CMS 3.0.4 and earlier has XSS via index.php.	CWE-79 Cross-site Scripting	CVE-2018-11227	2024-11-21 12:42	2019-07-4	Show	GitHub Exploit DB Packet Storm

249833	9.8	CRITICAL Network	cloudera	data_science_workbench	Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors.	CWE-200 CWE-78 Information Exposure OS Command	CVE-2018-11215	2024-11-21 12:42	2019-07-4	Show	GitHub Exploit DB Packet Storm

249834	3.1	LOW Adjacent	polycom	realpresence_debut_firmware	An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted.	CWE-20 Improper Input Validation	CVE-2018-10947	2024-11-21 12:42	2019-06-14	Show	GitHub Exploit DB Packet Storm

249835	6.8	MEDIUM Adjacent	polycom	realpresence_debut_firmware	An issue was discovered in versions earlier than 1.3.0-66872 for Polycom RealPresence Debut that allows attackers to arbitrarily read the admin user's password via the admin web UI.	CWE-200 Information Exposure	CVE-2018-10946	2024-11-21 12:42	2019-06-14	Show	GitHub Exploit DB Packet Storm

249836	4.8	MEDIUM Network	synacor	zimbra_collaboration_suite	Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 has Persistent XSS via mail addrs.	CWE-79 Cross-site Scripting	CVE-2018-10948	2024-11-21 12:42	2019-05-31	Show	GitHub Exploit DB Packet Storm

249837	6.5	MEDIUM Network	cloudera	cloudera_manager	An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1. A read-only user can access sensitive cluster information.	CWE-200 Information Exposure	CVE-2018-10815	2024-11-21 12:42	2019-05-25	Show	GitHub Exploit DB Packet Storm

249838	7.5	HIGH Network	beyondtrust	avecto_defendpoint	Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's…	CWE-426 Untrusted Search Path	CVE-2018-10959	2024-11-21 12:42	2019-04-18	Show	GitHub Exploit DB Packet Storm

249839	5.4	MEDIUM Network	redhat	jboss_enterprise_application_platform single_sign-on	A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this …	CWE-79 Cross-site Scripting	CVE-2018-10934	2024-11-21 12:42	2019-03-27	Show	GitHub Exploit DB Packet Storm

249840	3.3	LOW Local	bluez canonical	bluez ubuntu_linux	A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain B…	-	CVE-2018-10910	2024-11-21 12:42	2019-01-29	Show	GitHub Exploit DB Packet Storm