Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253201	7.2	危険	マイクロソフト	-	Microsoft Windows の 32 ビットプラットフォームにおける権限昇格の脆弱性	CWE-noinfo 情報不足	CVE-2010-3888	2012-03-27 18:42	2010-10-8	Show	GitHub Exploit DB Packet Storm

253202	4.3	警告	アップル	-	Apple の Mac OS X の Limit Mail 機能におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3887	2012-03-27 18:42	2010-10-8	Show	GitHub Exploit DB Packet Storm

253203	4.3	警告	マイクロソフト	-	Microsoft mshtml.dll の sertIntoTimeoutList 関数における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-3886	2012-03-27 18:42	2010-10-8	Show	GitHub Exploit DB Packet Storm

253204	6.8	警告	CMS Made Simple	-	CMS Made Simple における管理者パスワードのリセット要求の管理者認証をハイジャックされる脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-3884	2012-03-27 18:42	2010-10-8	Show	GitHub Exploit DB Packet Storm

253205	6.8	警告	CMS Made Simple	-	CMS Made Simple の Change Group Permissions モジュールにおけるクロスサイトリクエストフォージェリ脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-3883	2012-03-27 18:42	2010-10-8	Show	GitHub Exploit DB Packet Storm

253206	4.3	警告	CMS Made Simple	-	CMS Made Simple におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3882	2012-03-27 18:42	2010-10-8	Show	GitHub Exploit DB Packet Storm

253207	4.3	警告	レッドハット	-	Red Hat JBoss Enterprise Application Platform の JMX Console におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-3878	2012-03-27 18:42	2010-12-1	Show	GitHub Exploit DB Packet Storm

253208	4.3	警告	Mahara	-	Mahara の blocktype/groupviews/theme/raw/groupviews.tpl におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-3871	2012-03-27 18:42	2010-11-9	Show	GitHub Exploit DB Packet Storm

253209	4	警告	レッドハット	-	RHCS および Dogtag Certificate System における任意の認証番号を生成される脆弱性	CWE-310 暗号の問題	CVE-2010-3869	2012-03-27 18:42	2010-11-8	Show	GitHub Exploit DB Packet Storm

253210	5.8	警告	レッドハット	-	RHCS および Dogtag Certificate System における PIN を取得される脆弱性	CWE-287 不適切な認証	CVE-2010-3868	2012-03-27 18:42	2010-11-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194591	6.5	MEDIUM Local	xen debian	xen debian_linux	Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen o…	NVD-CWE-noinfo	CVE-2021-28713	2024-11-21 15:00	2022-01-6	Show	GitHub Exploit DB Packet Storm

194592	6.5	MEDIUM Local	xen debian	xen debian_linux	Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen o…	NVD-CWE-noinfo	CVE-2021-28712	2024-11-21 15:00	2022-01-6	Show	GitHub Exploit DB Packet Storm

194593	6.5	MEDIUM Local	xen debian	xen debian_linux	Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen o…	NVD-CWE-noinfo	CVE-2021-28711	2024-11-21 15:00	2022-01-6	Show	GitHub Exploit DB Packet Storm

194594	7.2	HIGH Network	hp	storeserv_management_console	A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). An authenticated SSMC administrator could exploit the vulnerability to inject code and elevate their privilege…	NVD-CWE-noinfo	CVE-2021-29214	2024-11-21 15:00	2021-12-11	Show	GitHub Exploit DB Packet Storm

194595	8.1	HIGH Network	devise_masquerade_project	devise_masquerade	The devise_masquerade gem before 1.3 allows certain attacks when a password's salt is unknown. An application that uses this gem to let administrators masquerade/impersonate users loses one layer of …	NVD-CWE-noinfo	CVE-2021-28680	2024-11-21 15:00	2021-12-8	Show	GitHub Exploit DB Packet Storm

194596	7.0	HIGH Local	xen	xen	grant table v2 status pages may remain accessible after de-allocation (take two) Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associa…	NVD-CWE-Other	CVE-2021-28703	2024-11-21 15:00	2021-12-7	Show	GitHub Exploit DB Packet Storm

194597	6.1	MEDIUM Network	esri	arcgis_server	A stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server feature services versions 10.8.1 and 10.9 (only) feature services may allow a remote, unauthenticated attacker to pass and stor…	CWE-79 Cross-site Scripting	CVE-2021-29116	2024-11-21 15:00	2021-12-7	Show	GitHub Exploit DB Packet Storm

194598	5.3	MEDIUM Network	esri	arcgis_enterprise	An information disclosure vulnerability in the ArcGIS Service Directory in Esri ArcGIS Enterprise versions 10.9.0 and below may allows a remote attacker to view hidden field names in feature layers. …	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2021-29115	2024-11-21 15:00	2021-12-7	Show	GitHub Exploit DB Packet Storm

194599	9.8	CRITICAL Network	esri	arcgis_server	A SQL injection vulnerability in feature services provided by Esri ArcGIS Server 10.9 and below allows a remote, unauthenticated attacker to impact the confidentiality, integrity and availability of …	CWE-89 SQL Injection	CVE-2021-29114	2024-11-21 15:00	2021-12-7	Show	GitHub Exploit DB Packet Storm

194600	4.7	MEDIUM Network	esri	arcgis_server	A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote, unauthenticated attacker to inject attacker supplied html into a page.	CWE-829 Inclusion of Functionality from Untrusted Control Sphere	CVE-2021-29113	2024-11-21 15:00	2021-12-7	Show	GitHub Exploit DB Packet Storm