Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2551 3.5
Network 		openwebui open webui openwebuiのopen webuiにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-45316 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
2552 4.6 警告
Network 		openwebui open webui openwebuiのopen webuiにおける複数の脆弱性 CWE-20
CWE-352
CVE-2026-45317 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
2553 5.4 警告
Network 		openwebui open webui openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-45318 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
2554 8.5 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-45331 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
2555 7.7 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-45338 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
2556 6.5 警告
Network 		openwebui open webui openwebuiのopen webuiにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-45339 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
2557 6.5 警告
Network 		openwebui open webui openwebuiのopen webuiにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-45345 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
2558 5.4 警告
Network 		openwebui open webui openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性 CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-45346 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
2559 5.4 警告
Network 		openwebui open webui openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-45347 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
2560 7.1 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-45349 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311861 - symantec im_manager Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the r… CWE-89
SQL Injection 		CVE-2010-0112 2024-11-21 10:11 2010-10-29 Show GitHub Exploit DB Packet Storm
311862 - apache
sap 		axis2
businessobjects 		Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier … CWE-255
Credentials Management 		CVE-2010-0219 2024-11-21 10:11 2010-10-19 Show GitHub Exploit DB Packet Storm
311863 - isc bind ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive info… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-0218 2024-11-21 10:11 2010-10-6 Show GitHub Exploit DB Packet Storm
311864 - ibm proventia_network_mail_security_system_virtual_appliance
proventia_network_mail_security_system_virtual_appliance_firmware 		CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticat… CWE-94
Code Injection 		CVE-2010-0155 2024-11-21 10:11 2010-09-15 Show GitHub Exploit DB Packet Storm
311865 - ibm proventia_network_mail_security_system_virtual_appliance
proventia_network_mail_security_system_virtual_appliance_firmware 		Directory traversal vulnerability in sla/index.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote a… CWE-22
Path Traversal 		CVE-2010-0154 2024-11-21 10:11 2010-09-15 Show GitHub Exploit DB Packet Storm
311866 - ibm proventia_network_mail_security_system_virtual_appliance
proventia_network_mail_security_system_virtual_appliance_firmware 		Multiple cross-site request forgery (CSRF) vulnerabilities in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5.0.2 all… CWE-352
 Origin Validation Error 		CVE-2010-0153 2024-11-21 10:11 2010-09-15 Show GitHub Exploit DB Packet Storm
311867 - ibm proventia_network_mail_security_system_virtual_appliance
proventia_network_mail_security_system_virtual_appliance_firmware 		Multiple cross-site scripting (XSS) vulnerabilities in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5.0.2 allow remo… CWE-79
Cross-site Scripting 		CVE-2010-0152 2024-11-21 10:11 2010-09-15 Show GitHub Exploit DB Packet Storm
311868 - realnetworks realplayer
realplayer_sp 		Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP a… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0120 2024-11-21 10:11 2010-08-31 Show GitHub Exploit DB Packet Storm
311869 - realnetworks realplayer
realplayer_sp 		RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not properly handle dimensions during YUV420 transformations, which might allow remote attackers to execute… NVD-CWE-Other
CVE-2010-0117 2024-11-21 10:11 2010-08-31 Show GitHub Exploit DB Packet Storm
311870 - realnetworks realplayer
realplayer_sp 		Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that trigger… CWE-189
Numeric Errors 		CVE-2010-0116 2024-11-21 10:11 2010-08-31 Show GitHub Exploit DB Packet Storm