Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 31, 2026, 2 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 257051 | 4.3 | 警告 | Mozilla Foundation | - | Mozilla Firefox における同一生成元ポリシーを回避される脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-0170 | 2010-04-5 14:53 | 2010-03-23 | Show | GitHub Exploit DB Packet Storm |
| 257052 | 7.5 | 危険 | Heartlogic | - | HL-SiteManager における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-1331 | 2010-04-2 15:02 | 2010-04-2 | Show | GitHub Exploit DB Packet Storm |
| 257053 | 9.3 | 危険 | Mozilla Foundation | - | Mozilla Firefox の Web Open Fonts Format デコーダ における整数オーバーフローの脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-1028 | 2010-04-2 14:05 | 2010-03-19 | Show | GitHub Exploit DB Packet Storm |
| 257054 | 5 | 警告 | 富士通 アクセラテクノロジ |
- | Accela BizSearch のローカル収集におけるアクセス権限に関する脆弱性 |
CWE-200
情報漏えい |
- | 2010-04-2 14:05 | 2010-03-10 | Show | GitHub Exploit DB Packet Storm |
| 257055 | 1.9 | 注意 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel における SCSI ホストの属性に任意の変更を加えられる脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-3556 | 2010-04-2 14:02 | 2010-01-19 | Show | GitHub Exploit DB Packet Storm |
| 257056 | 10 | 危険 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の e1000e ドライバにおけるイーサネットフレームの処理に関する脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-4538 | 2010-04-2 14:02 | 2010-01-12 | Show | GitHub Exploit DB Packet Storm |
| 257057 | 6.6 | 警告 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の poll_mode_io ファイルにおけるドライバの I/O モードを変更される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-3939 | 2010-04-2 14:00 | 2009-11-16 | Show | GitHub Exploit DB Packet Storm |
| 257058 | 6.6 | 警告 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel におけるドライバの動作およびログレベルを変更される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-3889 | 2010-04-2 14:00 | 2009-11-16 | Show | GitHub Exploit DB Packet Storm |
| 257059 | 7.8 | 危険 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の hfs サブシステムにおけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-4020 | 2010-04-2 13:59 | 2009-12-4 | Show | GitHub Exploit DB Packet Storm |
| 257060 | 4.7 | 警告 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の drivers/firewire/ohci.c におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-4138 | 2010-04-2 13:58 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 31, 2026, 4:16 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 194821 | 9.1 |
CRITICAL
Network |
apache netapp debian oracle |
xmlbeans snap_creator_framework snapmanager oncommand_unified_manager_core_package debian_linux peoplesoft_enterprise_peopletools middleware_common_libraries_and_tools |
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion att… |
CWE-776
XML Entity Expansion |
CVE-2021-23926 | 2024-11-21 14:52 | 2021-01-15 | Show | GitHub Exploit DB Packet Storm |
| 194822 | 5.9 |
MEDIUM
Network |
apache debian oracle |
tomcat debian_linux agile_plm |
When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to … |
CWE-706
Use of Incorrectly-Resolved Name or Reference |
CVE-2021-24122 | 2024-11-21 14:52 | 2021-01-15 | Show | GitHub Exploit DB Packet Storm |
| 194823 | 7.5 |
HIGH
Network |
owasp | json-sanitizer | OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these sit… |
NVD-CWE-noinfo
|
CVE-2021-23900 | 2024-11-21 14:52 | 2021-01-14 | Show | GitHub Exploit DB Packet Storm |
| 194824 | 9.8 |
CRITICAL
Network |
owasp | json-sanitizer | OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents. |
CWE-611
XXE |
CVE-2021-23899 | 2024-11-21 14:52 | 2021-01-14 | Show | GitHub Exploit DB Packet Storm |
| 194825 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via the subject of a task. |
CWE-79
Cross-site Scripting |
CVE-2021-23936 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |
| 194826 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via an appointment in which the location contains JavaScript code. |
CWE-79
Cross-site Scripting |
CVE-2021-23935 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |
| 194827 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via a contact whose name contains JavaScript code. |
CWE-79
Cross-site Scripting |
CVE-2021-23934 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |
| 194828 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via JavaScript in a Note referenced by a mail:// URL. |
CWE-79
Cross-site Scripting |
CVE-2021-23933 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |
| 194829 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via an inline image with a crafted filename. |
CWE-79
Cross-site Scripting |
CVE-2021-23932 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |
| 194830 | 6.1 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.4 allows XSS via an inline binary file. |
CWE-79
Cross-site Scripting |
CVE-2021-23931 | 2024-11-21 14:52 | 2021-01-13 | Show | GitHub Exploit DB Packet Storm |