Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251491	4	警告	Linux	-	Linux kernel のdrivers/platform/x86/thinkpad_acpi.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3448	2012-03-27 18:42	2011-01-3	Show	GitHub Exploit DB Packet Storm

251492	4.3	警告	Horde	-	Horde Gollem の view.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3447	2012-03-27 18:42	2011-04-4	Show	GitHub Exploit DB Packet Storm

251493	7.5	危険	fribidi	-	PyFriBidi で使用される GNU FriBidi の log2vis_utf8 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3444	2012-03-27 18:42	2011-01-10	Show	GitHub Exploit DB Packet Storm

251494	7.5	危険	moinejf	-	abcm2ps における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-3441	2012-03-27 18:42	2011-02-18	Show	GitHub Exploit DB Packet Storm

251495	1.9	注意	kernel.org	-	Linux-PAM の privilege-dropping 実装における重要情報を取得される脆弱性	CWE-DesignError	CVE-2010-3431	2012-03-27 18:42	2011-01-24	Show	GitHub Exploit DB Packet Storm

251496	4.7	警告	kernel.org	-	Linux-PAM の privilege-dropping 実装における重要情報を取得される脆弱性	CWE-DesignError	CVE-2010-3430	2012-03-27 18:42	2011-01-24	Show	GitHub Exploit DB Packet Storm

251497	7.5	危険	Symphony CMS	-	Symphony CMS の lib/toolkit/events/event.section.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3458	2012-03-27 18:42	2010-09-17	Show	GitHub Exploit DB Packet Storm

251498	4.3	警告	Symphony CMS	-	Symphony CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3457	2012-03-27 18:42	2010-09-17	Show	GitHub Exploit DB Packet Storm

251499	5	警告	energyscripts	-	ES Simple Download の download.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-3456	2012-03-27 18:42	2010-09-17	Show	GitHub Exploit DB Packet Storm

251500	4.3	警告	ATutor	-	AChecker の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3455	2012-03-27 18:42	2010-09-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222031	6.1	MEDIUM Network	premiumwpsuite	easy_redirect_manager	The Premium WP Suite Easy Redirect Manager plugin 28.07-17 for WordPress has XSS via a crafted GET request that is mishandled during log viewing at the templates/admin/redirect-log.php URI.	CWE-79 Cross-site Scripting	CVE-2019-6267	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

222032	6.5	MEDIUM Network	sass-lang	libsass	In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.	CWE-125 Out-of-bounds Read	CVE-2019-6286	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

222033	6.5	MEDIUM Network	yaml-cpp_project	yaml-cpp	The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML …	CWE-674 Uncontrolled Recursion	CVE-2019-6285	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

222034	6.5	MEDIUM Network	sass-lang	libsass	In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.	CWE-125 Out-of-bounds Read	CVE-2019-6284	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

222035	6.5	MEDIUM Network	sass-lang	libsass	In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp.	CWE-125 Out-of-bounds Read	CVE-2019-6283	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

222036	5.4	MEDIUM Network	jpress	jpress	XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with the code input option.	CWE-79 Cross-site Scripting	CVE-2019-6278	2024-11-21 13:46	2019-01-15	Show	GitHub Exploit DB Packet Storm

222037	9.8	CRITICAL Network	icmsdev	icms	An issue was discovered in idreamsoft iCMS V7.0.13. There is SQL Injection via the app/article/article.admincp.php _data_id parameter.	CWE-89 SQL Injection	CVE-2019-6259	2024-11-21 13:46	2019-01-14	Show	GitHub Exploit DB Packet Storm

222038	7.7	HIGH Network	std42	elfinder	A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. This occurs in get_remote_contents() in …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-6257	2024-11-21 13:46	2019-01-14	Show	GitHub Exploit DB Packet Storm

222039	8.1	HIGH Network	gnome wpewebkit webkitgtk fedoraproject canonical opensuse	epiphany wpe_webkit webkitgtk fedora ubuntu_linux leap	WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a…	NVD-CWE-noinfo	CVE-2019-6251	2024-11-21 13:46	2019-01-14	Show	GitHub Exploit DB Packet Storm

222040	8.8	HIGH Network	hucart	hucart	An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add.	CWE-352 Origin Validation Error	CVE-2019-6249	2024-11-21 13:46	2019-01-14	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed