Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254121 9.3 危険 マイクロソフト - 複数の Microsoft 製品におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0261 2010-03-19 10:28 2010-03-9 Show GitHub Exploit DB Packet Storm
254122 9.3 危険 マイクロソフト - 複数の Microsoft 製品におけるヒープベースのバッファオーバーフローの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0260 2010-03-19 10:28 2010-03-9 Show GitHub Exploit DB Packet Storm
254123 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0258 2010-03-19 10:27 2010-03-9 Show GitHub Exploit DB Packet Storm
254124 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0264 2010-03-19 10:27 2010-03-9 Show GitHub Exploit DB Packet Storm
254125 9.3 危険 マイクロソフト - Microsoft Office Excel における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0257 2010-03-19 10:27 2010-03-9 Show GitHub Exploit DB Packet Storm
254126 9.3 危険 マイクロソフト - Microsoft Windows Movie Maker および Microsoft Producer におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0265 2010-03-19 10:27 2010-03-9 Show GitHub Exploit DB Packet Storm
254127 8.5 危険 Samba Project - Samba の smbd におけるファイルパーミッションを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0728 2010-03-18 12:09 2010-03-10 Show GitHub Exploit DB Packet Storm
254128 7.2 危険 IBM - IBM AIX および VIOS の qosmod におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0960 2010-03-18 12:09 2010-03-5 Show GitHub Exploit DB Packet Storm
254129 7.2 危険 IBM - IBM AIX および VIOS の qoslist におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0961 2010-03-18 12:09 2010-03-5 Show GitHub Exploit DB Packet Storm
254130 9 危険 マイクロソフト - Microsoft Virtual PC の VMM におけるゲスト OS 内で任意のカーネルモードコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1542 2010-03-17 12:18 2009-07-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223591 7.8 HIGH
Local 		infoway social_photo_gallery The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not chec… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-14467 2024-11-21 13:26 2019-11-19 Show GitHub Exploit DB Packet Storm
223592 9.8 CRITICAL
Network 		vocabularyserver tematres TemaTres 3.0 allows remote unprivileged users to create an administrator account NVD-CWE-noinfo
CVE-2019-14345 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223593 5.4 MEDIUM
Network 		vocabularyserver tematres TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI. CWE-79
Cross-site Scripting 		CVE-2019-14343 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223594 5.5 MEDIUM
Local 		intel
netapp 		graphics_driver
cloud_backup
steelstore_cloud_integrated_storage
data_availability_services
solidfire_baseboard_management_controller_firmware 		Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. CWE-20
 Improper Input Validation  		CVE-2019-14591 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223595 5.5 MEDIUM
Local 		intel
netapp 		graphics_driver
cloud_backup
steelstore_cloud_integrated_storage
data_availability_services
solidfire_baseboard_management_controller_firmware 		Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. CWE-269
 Improper Privilege Management 		CVE-2019-14590 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223596 5.5 MEDIUM
Local 		intel
netapp 		graphics_driver
cloud_backup
steelstore_cloud_integrated_storage
data_availability_services
solidfire_baseboard_management_controller_firmware 		Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. CWE-125
Out-of-bounds Read 		CVE-2019-14574 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223597 7.8 HIGH
Local 		intel software_guard_extensions_sdk Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service vi… CWE-20
 Improper Input Validation  		CVE-2019-14566 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223598 7.8 HIGH
Local 		intel software_guard_extensions_sdk Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclos… CWE-665
 Improper Initialization 		CVE-2019-14565 2024-11-21 13:26 2019-11-15 Show GitHub Exploit DB Packet Storm
223599 7.5 HIGH
Network 		slack-chat_project slack-chat Slack-Chat through 1.5.5 leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.). CWE-200
Information Exposure 		CVE-2019-14367 2024-11-21 13:26 2019-11-13 Show GitHub Exploit DB Packet Storm
223600 7.5 HIGH
Network 		slack wp_slacksync WP SlackSync plugin through 1.8.5 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.). CWE-200
Information Exposure 		CVE-2019-14366 2024-11-21 13:26 2019-11-13 Show GitHub Exploit DB Packet Storm