Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253981	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の XSLT node sorting の実装における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-1199	2011-01-5 14:41	2010-06-22	Show	GitHub Exploit DB Packet Storm

253982	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-1198	2011-01-5 14:40	2010-06-22	Show	GitHub Exploit DB Packet Storm

253983	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の nsGenericDOMDataNode::SetTextInternal 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-1196	2011-01-5 14:39	2010-06-22	Show	GitHub Exploit DB Packet Storm

253984	9.3	危険	Mozilla Foundation オラクル	-	複数の Mozilla 製品の nsCycleCollector::MarkRoots 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0183	2011-01-5 14:19	2010-06-22	Show	GitHub Exploit DB Packet Storm

253985	7.5	危険	レッドハット	-	Red Hat Enterprise MRG の Management Console における任意のジョブを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-4179	2011-01-4 16:28	2010-11-30	Show	GitHub Exploit DB Packet Storm

253986	7.8	危険	シスコシステムズ	-	複数の CIsco 製品上で稼働する remote-access IPSec VPN の実装における有効なグループ名を列挙される脆弱性	CWE-399 リソース管理の問題	CVE-2010-4354	2011-01-4 16:18	2010-09-22	Show	GitHub Exploit DB Packet Storm

253987	4	警告	Pidgin オラクル	-	Pidgin の libpurple 内にある oscar プロトコルプラグインの clientautoresp 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-2528	2011-01-4 16:14	2010-07-30	Show	GitHub Exploit DB Packet Storm

253988	7.2	危険	VMware	-	複数の VMware 製品の VMware-Tools アップデート機能における権限昇格の脆弱性	CWE-20 不適切な入力確認	CVE-2010-4297	2010-12-27 15:40	2010-12-2	Show	GitHub Exploit DB Packet Storm

253989	7.2	危険	VMware	-	複数の VMware 製品の vmware-mount における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-4296	2010-12-27 15:38	2010-12-2	Show	GitHub Exploit DB Packet Storm

253990	6.9	警告	VMware	-	複数の VMware 製品の vmware-mount における権限昇格の脆弱性	CWE-362 競合状態	CVE-2010-4295	2010-12-27 15:36	2010-12-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
225031	5.4	MEDIUM Network	gitlab	gitlab	An issue was discovered in GitLab Community and Enterprise Edition 10.8 through 12.2.1. An internal endpoint unintentionally allowed group maintainers to view and edit group runner settings.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2019-15721	2024-11-21 13:29	2019-09-17	Show	GitHub Exploit DB Packet Storm

225032	6.1	MEDIUM Network	redmineup	crm	The CRM Plugin before 4.2.4 for Redmine allows XSS via crafted vCard data.	CWE-79 Cross-site Scripting	CVE-2019-15950	2024-11-21 13:29	2019-09-17	Show	GitHub Exploit DB Packet Storm

225033	9.8	CRITICAL Network	dlink	dns-320_firmware	The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection.	CWE-78 OS Command	CVE-2019-16057	2024-11-21 13:29	2019-09-16	Show	GitHub Exploit DB Packet Storm

225034	9.8	CRITICAL Network	lifterlms	lifterlms	An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import function in the class.llms.admin.import.php script is prone to an unauthenticated options import vulner…	CWE-306 Missing Authentication for Critical Function	CVE-2019-15896	2024-11-21 13:29	2019-09-11	Show	GitHub Exploit DB Packet Storm

225035	7.5	HIGH Network	search_exclude_project	search_exclude	search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes.	CWE-306 Missing Authentication for Critical Function	CVE-2019-15895	2024-11-21 13:29	2019-09-9	Show	GitHub Exploit DB Packet Storm

225036	7.5	HIGH Network	digium	asterisk	main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario.	CWE-20 Improper Input Validation	CVE-2019-15639	2024-11-21 13:29	2019-09-9	Show	GitHub Exploit DB Packet Storm

225037	9.8	CRITICAL Network	airbrake	airbrake_ruby	The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklist_keys configuration option and consequently may disclose passwords to unauthorized actors. This is fixed in 4.2.4 (also, 4.2.2 an…	NVD-CWE-noinfo	CVE-2019-16060	2024-11-21 13:29	2019-09-7	Show	GitHub Exploit DB Packet Storm

225038	8.8	HIGH Network	sapplica	sentrifugo	Sentrifugo 3.2 lacks CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code at index.php/dashboard/viewprofile via a crafted HTML page.	CWE-352 Origin Validation Error	CVE-2019-16059	2024-11-21 13:29	2019-09-7	Show	GitHub Exploit DB Packet Storm

225039	7.5	HIGH Network	opensc_project	opensc	An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a length longer than 256 bytes, this triggers a buffer overflow. This may be the …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2019-16058	2024-11-21 13:29	2019-09-7	Show	GitHub Exploit DB Packet Storm

225040	7.5	HIGH Network	python fedoraproject debian canonical redhat oracle opensuse	python fedora debian_linux ubuntu_linux software_collections solaris peoplesoft_enterprise_peopletools communications_operations_monitor zfs_storage_appliance_kit leap	An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. …	NVD-CWE-noinfo	CVE-2019-16056	2024-11-21 13:29	2019-09-7	Show	GitHub Exploit DB Packet Storm