NVD Vulnerability Information Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
343351 9.3 HIGH
microsoft office Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Offic… CWE-94
Code Injection 		CVE-2010-1263 2018-10-13 06:57 2010-06-9 Show GitHub Exploit DB Packet Storm
343352 4.0 MEDIUM
microsoft sharepoint_services Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 SP1 and SP2 allows remote attackers to cause a denial of service (hang) via crafted requests to the Help page that cause repeate… NVD-CWE-noinfo
CVE-2010-1264 2018-10-13 06:57 2010-06-9 Show GitHub Exploit DB Packet Storm
343353 9.3 HIGH
microsoft directx
windows_media_format_runtime
windows_media_encoder 		Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary c… CWE-94
Code Injection 		CVE-2010-1879 2018-10-13 06:57 2010-06-9 Show GitHub Exploit DB Packet Storm
343354 6.9 MEDIUM
microsoft windows_2000
windows_2003_server
windows_xp 		The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sen… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-0023 2018-10-13 06:56 2010-02-11 Show GitHub Exploit DB Packet Storm
343355 4.0 MEDIUM
microsoft windows_server_2008 The Hyper-V server implementation in Microsoft Windows Server 2008 Gold, SP2, and R2 on the x64 platform allows guest OS users to cause a denial of service (host OS hang) via a crafted application th… CWE-20
 Improper Input Validation  		CVE-2010-0026 2018-10-13 06:56 2010-02-11 Show GitHub Exploit DB Packet Storm
343356 9.3 HIGH
microsoft powerpoint Buffer overflow in Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint File Path Handling Buffer Overflow Vulnera… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0029 2018-10-13 06:56 2010-02-11 Show GitHub Exploit DB Packet Storm
343357 9.3 HIGH
microsoft powerpoint Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint LinkedSlideAtom He… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0030 2018-10-13 06:56 2010-02-11 Show GitHub Exploit DB Packet Storm
343358 9.3 HIGH
microsoft office
powerpoint 		Array index error in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka… CWE-94
Code Injection 		CVE-2010-0031 2018-10-13 06:56 2010-02-11 Show GitHub Exploit DB Packet Storm
343359 9.3 HIGH
microsoft powerpoint Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "OEPlaceholderAtom Use After… CWE-94
Code Injection 		CVE-2010-0032 2018-10-13 06:56 2010-02-11 Show GitHub Exploit DB Packet Storm
343360 9.3 HIGH
microsoft powerpoint Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Viewer TextBytesAtom Record St… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0033 2018-10-13 06:56 2010-02-11 Show GitHub Exploit DB Packet Storm
343361 9.3 HIGH
microsoft powerpoint Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Office PowerPoint Viewer TextCharsAtom Re… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0034 2018-10-13 06:56 2010-02-11 Show GitHub Exploit DB Packet Storm
343362 6.9 MEDIUM
microsoft windows_2000
windows_xp 		The kernel in Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows local users to gain privileges by creating a symbolic link from an untrusted registry hive to a trusted registry hive, aka "Windows … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-0237 2018-10-13 06:56 2010-04-15 Show GitHub Exploit DB Packet Storm
343363 7.6 HIGH
microsoft visio Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "… CWE-94
Code Injection 		CVE-2010-0254 2018-10-13 06:56 2010-04-15 Show GitHub Exploit DB Packet Storm
343364 7.6 HIGH
microsoft visio Per: http://www.microsoft.com/technet/security/Bulletin/MS10-028.mspx 'Users of Microsoft Office Visio 2002 and later versions of Visio will be prompted with Open, Save, or Cancel before opening a… CWE-94
Code Injection 		CVE-2010-0254 2018-10-13 06:56 2010-04-15 Show GitHub Exploit DB Packet Storm
343365 7.6 HIGH
microsoft visio Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remote attackers to execute arbitrary code vi… CWE-94
Code Injection 		CVE-2010-0256 2018-10-13 06:56 2010-04-15 Show GitHub Exploit DB Packet Storm
343366 7.6 HIGH
microsoft visio Per: http://www.microsoft.com/technet/security/Bulletin/MS10-028.mspx 'Users of Microsoft Office Visio 2002 and later versions of Visio will be prompted with Open, Save, or Cancel before opening a… CWE-94
Code Injection 		CVE-2010-0256 2018-10-13 06:56 2010-04-15 Show GitHub Exploit DB Packet Storm
343367 9.3 HIGH
microsoft excel
office
office_compatibility_pack
office_excel_viewer
office_sharepoint_server
open_xml_file_format_converter 		Microsoft Office Excel 2002 SP3 does not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Microsoft Office Excel Record Me… CWE-94
Code Injection 		CVE-2010-0257 2018-10-13 06:56 2010-03-11 Show GitHub Exploit DB Packet Storm
343368 9.3 HIGH
microsoft excel
office
office_compatibility_pack
office_excel_viewer
office_sharepoint_server
open_xml_file_format_converter 		Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 all… CWE-94
Code Injection 		CVE-2010-0260 2018-10-13 06:56 2010-03-11 Show GitHub Exploit DB Packet Storm
343369 9.3 HIGH
microsoft excel
office
office_compatibility_pack
office_excel_viewer
office_sharepoint_server
open_xml_file_format_converter 		Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute ar… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0261 2018-10-13 06:56 2010-03-11 Show GitHub Exploit DB Packet Storm
343370 9.3 HIGH
microsoft excel
office
office_compatibility_pack
office_excel_viewer
office_sharepoint_server
open_xml_file_format_converter 		Microsoft Office Excel 2007 SP1 and SP2 and Office 2004 for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that tri… CWE-94
Code Injection 		CVE-2010-0262 2018-10-13 06:56 2010-03-11 Show GitHub Exploit DB Packet Storm
343371 9.3 HIGH
microsoft excel
office
office_compatibility_pack
office_excel_viewer
office_sharepoint_server
open_xml_file_format_converter 		Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 F… CWE-94
Code Injection 		CVE-2010-0263 2018-10-13 06:56 2010-03-11 Show GitHub Exploit DB Packet Storm
343372 9.3 HIGH
microsoft excel
office
office_compatibility_pack
office_excel_viewer
office_sharepoint_server
open_xml_file_format_converter 		Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitra… CWE-94
Code Injection 		CVE-2010-0264 2018-10-13 06:56 2010-03-11 Show GitHub Exploit DB Packet Storm
343373 9.3 HIGH
microsoft windows_media_player
windows_2000
windows_xp 		Unspecified vulnerability in the Windows Media Player ActiveX control in Windows Media Player (WMP) 9 on Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows remote attackers to execute arbitrary cod… NVD-CWE-noinfo
CVE-2010-0268 2018-10-13 06:56 2010-04-15 Show GitHub Exploit DB Packet Storm
343374 9.3 HIGH
microsoft publisher Buffer overflow in Microsoft Office Publisher 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Microsoft Office Publisher … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0479 2018-10-13 06:56 2010-04-15 Show GitHub Exploit DB Packet Storm
343375 9.3 HIGH
panda panda_activescan The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL… CWE-94
Code Injection 		CVE-2009-3735 2018-10-13 06:56 2010-02-12 Show GitHub Exploit DB Packet Storm
343376 6.8 MEDIUM
adobe flash_player Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2006-4640 2018-10-13 06:41 2006-09-13 Show GitHub Exploit DB Packet Storm
343377 9.3 HIGH
microsoft office Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a … NVD-CWE-noinfo
CWE-94
Code Injection 		CVE-2006-2389 2018-10-13 06:40 2006-07-12 Show GitHub Exploit DB Packet Storm
343378 5.1 MEDIUM
microsoft excel Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, w… CWE-20
 Improper Input Validation  		CVE-2006-3014 2018-10-13 06:40 2006-06-22 Show GitHub Exploit DB Packet Storm
343379 9.3 HIGH
microsoft hyperlink_object_library Unspecified vulnerability in Microsoft Hyperlink Object Library (hlink.dll), possibly a buffer overflow, allows user-assisted attackers to execute arbitrary code via crafted hyperlinks that are not p… NVD-CWE-noinfo
CVE-2006-3438 2018-10-13 06:40 2006-08-9 Show GitHub Exploit DB Packet Storm
343380 10.0 HIGH
microsoft windows_2000
windows_2003_server
windows_xp 		Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RP… NVD-CWE-Other
CVE-2006-3439 2018-10-13 06:40 2006-08-9 Show GitHub Exploit DB Packet Storm
343381 10.0 HIGH
microsoft windows_2000
windows_2003_server
windows_xp 		Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vuln… NVD-CWE-Other
CVE-2006-3440 2018-10-13 06:40 2006-08-9 Show GitHub Exploit DB Packet Storm
343382 10.0 HIGH
microsoft windows_2000
windows_2003_server
windows_xp 		Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: wh… NVD-CWE-Other
CVE-2006-3441 2018-10-13 06:40 2006-08-9 Show GitHub Exploit DB Packet Storm
343383 5.1 MEDIUM
adobe flash_player Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to execute arbitrary commands via a malformed .swf file that results in "multiple improper memory access"… NVD-CWE-noinfo
CVE-2006-3587 2018-10-13 06:40 2006-07-14 Show GitHub Exploit DB Packet Storm
343384 2.6 LOW
adobe flash_player Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to cause a denial of service (browser crash) via a malformed, compressed .swf file, a different issue tha… NVD-CWE-noinfo
CVE-2006-3588 2018-10-13 06:40 2006-07-14 Show GitHub Exploit DB Packet Storm
343385 7.6 HIGH
microsoft windows_2000
windows_2003_server
windows_xp 		Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled except… NVD-CWE-noinfo
CVE-2006-3648 2018-10-13 06:40 2006-08-9 Show GitHub Exploit DB Packet Storm
343386 5.1 MEDIUM
microsoft visual_basic Buffer overflow in Microsoft Visual Basic for Applications (VBA) SDK 6.0 through 6.4, as used by Microsoft Office 2000 SP3, Office XP SP3, Project 2000 SR1, Project 2002 SP1, Access 2000 Runtime SP3,… NVD-CWE-Other
CVE-2006-3649 2018-10-13 06:40 2006-08-9 Show GitHub Exploit DB Packet Storm
343387 5.0 MEDIUM
microsoft .net_framework Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to bypass access restrictions via unspecified "URL paths" that … NVD-CWE-Other
CVE-2006-1300 2018-10-13 06:39 2006-07-12 Show GitHub Exploit DB Packet Storm
343388 9.3 HIGH
microsoft excel
excel_viewer 		Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability t… CWE-94
Code Injection 		CVE-2006-1301 2018-10-13 06:39 2006-07-14 Show GitHub Exploit DB Packet Storm
343389 9.3 HIGH
microsoft excel
excel_viewer 		Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value. NVD-CWE-noinfo
CWE-94
Code Injection 		CVE-2006-1308 2018-10-13 06:39 2006-07-14 Show GitHub Exploit DB Packet Storm
343390 9.3 HIGH
microsoft excel
excel_viewer 		Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption. CWE-94
Code Injection 		CVE-2006-1309 2018-10-13 06:39 2006-07-14 Show GitHub Exploit DB Packet Storm
343391 9.3 HIGH
microsoft office Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with ma… CWE-94
Code Injection 		CVE-2006-1316 2018-10-13 06:39 2006-07-12 Show GitHub Exploit DB Packet Storm
343392 5.0 MEDIUM
microsoft office Microsoft PowerPoint 2000 in Office 2000 SP3 has an interaction with Internet Explorer that allows remote attackers to obtain sensitive information via a PowerPoint presentation that attempts to acce… NVD-CWE-Other
CVE-2006-0004 2018-10-13 06:38 2006-02-15 Show GitHub Exploit DB Packet Storm
343393 6.5 MEDIUM
microsoft windows_2003_server
windows_xp 		Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via craf… NVD-CWE-Other
CVE-2006-0013 2018-10-13 06:38 2006-02-15 Show GitHub Exploit DB Packet Storm
343394 9.3 HIGH
microsoft windows_2000
windows_2003_server
windows_98
windows_98se
windows_me
windows_xp 		An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause … CWE-189
Numeric Errors 		CVE-2006-0020 2018-10-13 06:38 2006-01-11 Show GitHub Exploit DB Packet Storm
343395 7.6 HIGH
microsoft powerpoint Unspecified vulnerability in Microsoft PowerPoint in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, Office 2004 for Mac, and v. X for Mac allows user-assisted attackers to execute… NVD-CWE-noinfo
CVE-2006-0022 2018-10-13 06:38 2006-06-14 Show GitHub Exploit DB Packet Storm
343396 5.1 MEDIUM
macromedia flash_player Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file. NVD-CWE-Other
CVE-2006-0024 2018-10-13 06:38 2006-03-16 Show GitHub Exploit DB Packet Storm
343397 9.3 HIGH
microsoft windows_media_player Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2006-0025 2018-10-13 06:38 2006-06-14 Show GitHub Exploit DB Packet Storm
343398 5.1 MEDIUM
microsoft excel
office 		Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a m… NVD-CWE-noinfo
CVE-2006-0029 2018-10-13 06:38 2006-03-15 Show GitHub Exploit DB Packet Storm
343399 5.1 MEDIUM
microsoft excel
office 		Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a m… NVD-CWE-noinfo
CVE-2006-0030 2018-10-13 06:38 2006-03-15 Show GitHub Exploit DB Packet Storm
343400 9.3 HIGH
microsoft office Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted PNG image th… NVD-CWE-noinfo
CVE-2006-0033 2018-10-13 06:38 2006-07-12 Show GitHub Exploit DB Packet Storm