Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253621 7.5 危険 The PHP Group - PHP の セッション拡張子における open_basedir または safe_mode 制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1130 2010-04-12 12:19 2010-03-26 Show GitHub Exploit DB Packet Storm
253622 4.3 警告 Zope Foundation - Zope におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1104 2010-04-9 16:21 2010-03-25 Show GitHub Exploit DB Packet Storm
253623 4 警告 ヒューレット・パッカード - HP HP-UX の NFS/ONCplus にあるインストールプロセスにおけるファイルシステムのアクセス権を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0451 2010-04-9 16:21 2010-03-25 Show GitHub Exploit DB Packet Storm
253624 7.5 危険 GNU Project
サイバートラスト株式会社
レッドハット		 - GnuTLS の gnutls_x509_crt_get_serial 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0731 2010-04-9 16:21 2010-03-25 Show GitHub Exploit DB Packet Storm
253625 4.3 警告 シスコシステムズ - Cisco Router and Security Device Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0594 2010-04-8 15:03 2010-04-8 Show GitHub Exploit DB Packet Storm
253626 4.3 警告 MODX - MODx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1427 2010-04-8 15:02 2010-04-8 Show GitHub Exploit DB Packet Storm
253627 7.5 危険 MODX - MODx における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1426 2010-04-8 15:02 2010-04-8 Show GitHub Exploit DB Packet Storm
253628 7.8 危険 シスコシステムズ - Cisco IOS および Cisco ルータにおける IKE パケットの処理に関するサービス運用妨害 (DoS) の脆弱性 CWE-310
暗号の問題 		CVE-2010-0578 2010-04-8 10:42 2010-03-24 Show GitHub Exploit DB Packet Storm
253629 7.8 危険 シスコシステムズ - Cisco IOS における SCCP パケットの処理に関するサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-0584 2010-04-8 10:42 2010-03-24 Show GitHub Exploit DB Packet Storm
253630 7.8 危険 シスコシステムズ - Cisco IOS における LDP パケットの処理に関するサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-0576 2010-04-8 10:42 2010-03-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223181 5.9 MEDIUM
Network 		squid-cache
canonical
debian
opensuse 		squid
ubuntu_linux
debian_linux
leap 		An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElemen… CWE-787
CWE-193
 Out-of-bounds Write
 Off-by-one Error 		CVE-2019-12521 2024-11-21 13:23 2020-04-16 Show GitHub Exploit DB Packet Storm
223182 9.8 CRITICAL
Network 		dlink dap-1650_firmware An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands. CWE-78
OS Command  		CVE-2019-12767 2024-11-21 13:23 2020-03-21 Show GitHub Exploit DB Packet Storm
223183 6.5 MEDIUM
Network 		graphicsmagick
debian
opensuse 		graphicsmagick
debian_linux
leap
backports_sle 		In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG. CWE-77
Command Injection 		CVE-2019-12921 2024-11-21 13:23 2020-03-19 Show GitHub Exploit DB Packet Storm
223184 8.8 HIGH
Network 		solarwinds serv-u_managed_file_transfer SolarWinds Serv-U Managed File Transfer (MFT) Web client before 15.1.6 Hotfix 2 is vulnerable to Cross-Site Request Forgery in the file upload functionality via ?Command=Upload with the Dir and File … CWE-352
 Origin Validation Error 		CVE-2019-12769 2024-11-21 13:23 2020-03-19 Show GitHub Exploit DB Packet Storm
223185 4.3 MEDIUM
Network 		gitlab gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.10 through 12.0.2. Unauthorized users were able to read pipeline information of the last merge request. It has Incorrect Access C… NVD-CWE-noinfo
CVE-2019-13002 2024-11-21 13:23 2020-03-11 Show GitHub Exploit DB Packet Storm
223186 4.3 MEDIUM
Network 		gitlab gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.9 and later through 12.0.2. GitLab Snippets were vulnerable to an authorization issue that allowed unauthorized users to add comm… CWE-863
 Incorrect Authorization 		CVE-2019-13001 2024-11-21 13:23 2020-03-11 Show GitHub Exploit DB Packet Storm
223187 4.8 MEDIUM
Network 		solarwinds netpath
orion_platform
network_performance_monitor 		SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen. CWE-79
Cross-site Scripting 		CVE-2019-12863 2024-11-21 13:23 2020-02-26 Show GitHub Exploit DB Packet Storm
223188 9.1 CRITICAL
Network 		netgear nighthawk_x10-r9000_firmware In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API ("/soap/server_sa") by supplying a malicious X-Forwarded-For… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2019-12510 2024-11-21 13:23 2020-02-25 Show GitHub Exploit DB Packet Storm
223189 6.1 MEDIUM
Network 		netgear nighthawk_x10-r9000_firmware In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. When the mal… CWE-79
Cross-site Scripting 		CVE-2019-12513 2024-11-21 13:23 2020-02-25 Show GitHub Exploit DB Packet Storm
223190 6.1 MEDIUM
Network 		netgear nighthawk_x10-r9000_firmware In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login att… CWE-79
Cross-site Scripting 		CVE-2019-12512 2024-11-21 13:23 2020-02-25 Show GitHub Exploit DB Packet Storm