Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258761	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

258762	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

258763	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
268891	7.5	HIGH Network	cisco	ios ios_xe ios_xe_3.3sg ios_xe_3.4sg ios_xe_16.1 ios_xe_3.3xo	Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and 16.1 allow remote attackers to cause a denial of service (memory consumption or device reload) via fragmented IKEv1 packets, aka B…	CWE-399 Resource Management Errors	CVE-2016-6381	2024-11-21 11:56	2016-10-6	Show	GitHub Exploit DB Packet Storm

268892	5.6	MEDIUM Network	pivotal_software	spring_data_jpa	SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (Gosling SR6) and 1.10.x before 1.10.4 (Hopper SR4), when used with a repository that defines a String query using the @Query annot…	CWE-89 SQL Injection	CVE-2016-6652	2024-11-21 11:56	2016-10-6	Show	GitHub Exploit DB Packet Storm

268893	6.5	MEDIUM Network	cisco	firesight_system_software	Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, ak…	CWE-264 CWE-200 Permissions, Privileges, and Access Controls Information Exposure	CVE-2016-6420	2024-11-21 11:56	2016-10-5	Show	GitHub Exploit DB Packet Storm

268894	7.5	HIGH Network	cisco	firepower_management_center	SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur2548…	CWE-89 SQL Injection	CVE-2016-6419	2024-11-21 11:56	2016-10-5	Show	GitHub Exploit DB Packet Storm

268895	9.8	CRITICAL Network	emc dell	unisphere solutions_enabler emc_unisphere	The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary co…	CWE-20 Improper Input Validation	CVE-2016-6646	2024-11-21 11:56	2016-10-5	Show	GitHub Exploit DB Packet Storm

268896	8.8	HIGH Network	emc dell	unisphere solutions_enabler emc_unisphere	The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute ar…	CWE-20 Improper Input Validation	CVE-2016-6645	2024-11-21 11:56	2016-10-5	Show	GitHub Exploit DB Packet Storm

268897	5.4	MEDIUM Adjacent	bb\&t	the_u	The U by BB&T app 1.5.4 and earlier for iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information vi…	CWE-310 Cryptographic Issues	CVE-2016-6550	2024-11-21 11:56	2016-10-5	Show	GitHub Exploit DB Packet Storm

268898	5.5	MEDIUM Local	mongodb fedoraproject	mongodb fedora	The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.	CWE-200 Information Exposure	CVE-2016-6494	2024-11-21 11:56	2016-10-4	Show	GitHub Exploit DB Packet Storm

268899	5.4	MEDIUM Network	emc	vipr_srm	Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.	CWE-79 Cross-site Scripting	CVE-2016-6647	2024-11-21 11:56	2016-09-30	Show	GitHub Exploit DB Packet Storm

268900	8.8	HIGH Network	pivotal_software cloudfoundry	cloud_foundry_uaa cloud_foundry_elastic_runtime cloud_foundry_ops_manager cloud_foundry cloud_foundry_uaa_bosh	The UAA /oauth/token endpoint in Pivotal Cloud Foundry (PCF) before 243; UAA 2.x before 2.7.4.8, 3.x before 3.3.0.6, and 3.4.x before 3.4.5; UAA BOSH before 11.7 and 12.x before 12.6; Elastic Runtime…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-6651	2024-11-21 11:56	2016-09-30	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed