Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 24, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256211	6.8	警告	アップル	-	Java の window drawing 実装における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2010-0539	2010-06-7 17:58	2010-05-18	Show	GitHub Exploit DB Packet Storm

256212	6.8	警告	アップル	-	Apple Mac OS X 上で稼働する Java における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0538	2010-06-7 17:58	2010-05-18	Show	GitHub Exploit DB Packet Storm

256213	6.5	警告	PostgreSQL.org サイバートラスト株式会社ターボリナックスサン・マイクロシステムズレッドハット	-	PostgreSQL におけるインデックスの処理に関する権限を取得される脆弱性	CWE-Other その他	CVE-2009-4136	2010-06-7 16:48	2009-12-15	Show	GitHub Exploit DB Packet Storm

256214	-	-	コンソナ	-	Consona (旧 SupportSoft) Intelligent Assistance Suite (IAS) に複数の脆弱性	-	-	2010-06-4 17:58	2010-05-13	Show	GitHub Exploit DB Packet Storm

256215	7.5	危険	アップル VMware サン・マイクロシステムズヒューレット・パッカードレッドハット	-	JDK および JRE の Java プラグインにおける古い JRE バージョンで動作可能な脆弱性	CWE-DesignError	CVE-2009-1105	2010-06-4 15:54	2009-03-24	Show	GitHub Exploit DB Packet Storm

256216	10	危険	日立	-	Collaboration - Common Utility におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	-	2010-06-3 15:19	2010-05-12	Show	GitHub Exploit DB Packet Storm

256217	10	危険	日立 CA Technologies	-	CA ARCserve Backup および BrightStor ARCserve Backup における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	-	2010-06-3 15:19	2010-03-18	Show	GitHub Exploit DB Packet Storm

256218	6.4	警告	サイバートラスト株式会社 MySQL AB ターボリナックスレッドハット	-	MySQL における SSL サーバになりすまされる脆弱性	CWE-20 不適切な入力確認	CVE-2009-4028	2010-06-3 14:57	2009-11-4	Show	GitHub Exploit DB Packet Storm

256219	4	警告	富士通九州システムズ	-	e-Pares におけるセッション固定の脆弱性	CWE-Other その他	CVE-2010-2149	2010-06-2 15:05	2010-06-2	Show	GitHub Exploit DB Packet Storm

256220	2.6	注意	富士通九州システムズ	-	e-Pares におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-2151	2010-06-2 15:04	2010-06-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 25, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
315541	9.0	CRITICAL Network	vrcx-team	vrcx	VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to re…	CWE-79 Cross-site Scripting	CVE-2024-42366	2024-08-29 23:04	2024-08-9	Show	GitHub Exploit DB Packet Storm

315542	4.8	MEDIUM Network	concretecms	concrete_cms	Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName(). A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVS…	CWE-79 Cross-site Scripting	CVE-2024-7394	2024-08-29 22:41	2024-08-9	Show	GitHub Exploit DB Packet Storm

315543	9.8	CRITICAL Network	havocframework	havoc	An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-41570	2024-08-29 22:32	2024-08-12	Show	GitHub Exploit DB Packet Storm

315544	-		-	-	Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentia…	CWE-788 Access of Memory Location After End of Buffer	CVE-2024-38304	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm

315545	-		-	-	Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vu…	CWE-20 Improper Input Validation	CVE-2024-38303	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm

315546	7.2	HIGH Network	-	-	The Theme Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'images_array' parameter in versions up to, and including 2.8. This makes it possible for authenticat…	CWE-502 Deserialization of Untrusted Data	CVE-2022-2440	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm

315547	-		-	-	The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. `aws…	-	CVE-2024-45043	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm

315548	-		-	-	Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution vulnerability, which can be exploited to obtain device administrator privileges via the getVar function i…	-	CVE-2024-42905	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm

315549	-		-	-	A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authe…	-	CVE-2024-20478	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm

315550	-		-	-	A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerabi…	-	CVE-2024-20446	2024-08-29 22:25	2024-08-29	Show	GitHub Exploit DB Packet Storm