Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253231	10	危険	The Tor Project	-	Tor におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1676	2012-03-27 18:42	2010-12-20	Show	GitHub Exploit DB Packet Storm

253232	9.3	危険	Nullsoft	-	Winamp の vp6.w5s におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1523	2012-03-27 18:42	2010-10-8	Show	GitHub Exploit DB Packet Storm

253233	9.3	危険	March Hare Pty Ltd	-	March Hare Software CVSNT の perms.cpp における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1326	2012-03-27 18:42	2010-09-15	Show	GitHub Exploit DB Packet Storm

253234	4.3	警告	IBM	-	IBM WebSphere MQ における X.509 証明書の認証をなりすまされる脆弱性	CWE-Other その他	CVE-2010-0782	2012-03-27 18:42	2010-10-20	Show	GitHub Exploit DB Packet Storm

253235	5	警告	シスコシステムズ	-	Cisco WLC におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0575	2012-03-27 18:42	2010-09-8	Show	GitHub Exploit DB Packet Storm

253236	7.8	危険	シスコシステムズ	-	Cisco WLC におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-0574	2012-03-27 18:42	2010-09-8	Show	GitHub Exploit DB Packet Storm

253237	3.5	注意	IBM	-	IBM PNMSS の load.php における CRLF インジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2010-0155	2012-03-27 18:42	2010-09-14	Show	GitHub Exploit DB Packet Storm

253238	4	警告	IBM	-	IBM PNMSS アプライアンスの sla/index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0154	2012-03-27 18:42	2010-09-14	Show	GitHub Exploit DB Packet Storm

253239	6.8	警告	IBM	-	IBM PNMSS アプライアンスの LMI におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-0153	2012-03-27 18:42	2010-09-14	Show	GitHub Exploit DB Packet Storm

253240	4.3	警告	IBM	-	IBM PNMSS アプライアンスの LMI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0152	2012-03-27 18:42	2010-09-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194651	7.5	HIGH Network	cesnet	libyang	In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->f…	CWE-252 Unchecked Return Value	CVE-2021-28902	2024-11-21 15:00	2021-05-21	Show	GitHub Exploit DB Packet Storm

194652	7.5	HIGH Network	envoyproxy	envoy	An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion.	CWE-617 Reachable Assertion	CVE-2021-29258	2024-11-21 15:00	2021-05-21	Show	GitHub Exploit DB Packet Storm

194653	7.5	HIGH Network	envoyproxy	envoy	An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable NULL pointer dereference and crash in TLS when an unknown TLS alert code is received.	CWE-476 NULL Pointer Dereference	CVE-2021-28683	2024-11-21 15:00	2021-05-21	Show	GitHub Exploit DB Packet Storm

194654	7.5	HIGH Network	envoyproxy	envoy	An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable integer overflow in which a very large grpc-timeout value leads to unexpected timeout calculations.	CWE-190 Integer Overflow or Wraparound	CVE-2021-28682	2024-11-21 15:00	2021-05-21	Show	GitHub Exploit DB Packet Storm

194655	7.5	HIGH Network	invoiceplane	invoiceplane	In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticated directory listing and file download. Allowing an attacker to directory traversal and download files suppose to be private with…	CWE-552 Files or Directories Accessible to External Parties	CVE-2021-29024	2024-11-21 15:00	2021-05-18	Show	GitHub Exploit DB Packet Storm

194656	5.3	MEDIUM Network	invoiceplane	invoiceplane	InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable.	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2021-29023	2024-11-21 15:00	2021-05-18	Show	GitHub Exploit DB Packet Storm

194657	4.3	MEDIUM Network	liferay	dxp liferay_portal	The Data Engine module in Liferay Portal 7.3.0 through 7.3.5, and Liferay DXP 7.3 before fix pack 1 does not check permissions in DataDefinitionResourceImpl.getSiteDataDefinitionByContentTypeByDataDe…	CWE-276 Incorrect Default Permissions	CVE-2021-29052	2024-11-21 15:00	2021-05-17	Show	GitHub Exploit DB Packet Storm

194658	6.1	MEDIUM Network	liferay	dxp liferay_portal	Cross-site scripting (XSS) vulnerability in the Asset module's Asset Publisher app in Liferay Portal 7.2.1 through 7.3.5, and Liferay DXP 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before…	CWE-79 Cross-site Scripting	CVE-2021-29051	2024-11-21 15:00	2021-05-17	Show	GitHub Exploit DB Packet Storm

194659	6.1	MEDIUM Network	liferay	dxp liferay_portal	Cross-site scripting (XSS) vulnerability in the Layout module's page administration page in Liferay Portal 7.3.4, 7.3.5 and Liferay DXP 7.2 before fix pack 11 and 7.3 before fix pack 1 allows remote …	CWE-79 Cross-site Scripting	CVE-2021-29048	2024-11-21 15:00	2021-05-17	Show	GitHub Exploit DB Packet Storm

194660	8.8	HIGH Network	liferay	dxp liferay_portal	Multiple SQL injection vulnerabilities in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1 allow remote authenticated users to execute arbitrary SQL commands via the classPKField parameter …	CWE-89 SQL Injection	CVE-2021-29053	2024-11-21 15:00	2021-05-17	Show	GitHub Exploit DB Packet Storm