Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
257391 9.3 危険 Mozilla Foundation
オラクル		 - 複数の Mozilla 製品の nsCycleCollector::MarkRoots 関数における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0183 2011-01-5 14:19 2010-06-22 Show GitHub Exploit DB Packet Storm
257392 7.5 危険 レッドハット - Red Hat Enterprise MRG の Management Console における任意のジョブを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4179 2011-01-4 16:28 2010-11-30 Show GitHub Exploit DB Packet Storm
257393 7.8 危険 シスコシステムズ - 複数の CIsco 製品上で稼働する remote-access IPSec VPN の実装における有効なグループ名を列挙される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4354 2011-01-4 16:18 2010-09-22 Show GitHub Exploit DB Packet Storm
257394 4 警告 Pidgin
オラクル		 - Pidgin の libpurple 内にある oscar プロトコルプラグインの clientautoresp 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2528 2011-01-4 16:14 2010-07-30 Show GitHub Exploit DB Packet Storm
257395 7.2 危険 VMware - 複数の VMware 製品の VMware-Tools アップデート機能における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4297 2010-12-27 15:40 2010-12-2 Show GitHub Exploit DB Packet Storm
257396 7.2 危険 VMware - 複数の VMware 製品の vmware-mount における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4296 2010-12-27 15:38 2010-12-2 Show GitHub Exploit DB Packet Storm
257397 6.9 警告 VMware - 複数の VMware 製品の vmware-mount における権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-4295 2010-12-27 15:36 2010-12-2 Show GitHub Exploit DB Packet Storm
257398 9.3 危険 VMware - 複数の VMware 製品の VMnc メディアコーデック内にあるフレーム復元機能における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4294 2010-12-27 15:33 2010-12-2 Show GitHub Exploit DB Packet Storm
257399 2.1 注意 アップル - Windows 上で稼働する Apple QuickTime における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0530 2010-12-27 15:07 2010-12-9 Show GitHub Exploit DB Packet Storm
257400 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1508 2010-12-27 15:06 2010-12-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196291 2.7 LOW
Network 		arangodb arangodb In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL. This feature does not enforce proper filtering of requests pe… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2021-25939 2024-11-21 14:55 2022-02-9 Show GitHub Exploit DB Packet Storm
196292 6.1 MEDIUM
Network 		cacti cacti As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL paramete… CWE-79
Cross-site Scripting 		CVE-2021-26247 2024-11-21 14:55 2022-01-20 Show GitHub Exploit DB Packet Storm
196293 3.0 LOW
Network 		kubernetes kubernetes kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as… NVD-CWE-Other
CVE-2021-25743 2024-11-21 14:55 2022-01-7 Show GitHub Exploit DB Packet Storm
196294 8.8 HIGH
Network 		userfrosting userfrosting In Userfrosting, versions v0.3.1 to v4.6.2 are vulnerable to Host Header Injection. By luring a victim application user to click on a link, an unauthenticated attacker can use the “forgot password” f… CWE-74
Injection 		CVE-2021-25994 2024-11-21 14:55 2022-01-3 Show GitHub Exploit DB Packet Storm
196295 9.8 CRITICAL
Network 		talkyard talkyard In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the … CWE-613
 Insufficient Session Expiration 		CVE-2021-25981 2024-11-21 14:55 2022-01-3 Show GitHub Exploit DB Packet Storm
196296 5.4 MEDIUM
Network 		requarks wiki.js In Requarks wiki.js, versions 2.0.0-beta.147 to 2.5.255 are affected by Stored XSS vulnerability, where a low privileged (editor) user can upload a SVG file that contains malicious JavaScript while u… CWE-79
Cross-site Scripting 		CVE-2021-25993 2024-11-21 14:55 2021-12-30 Show GitHub Exploit DB Packet Storm
196297 7.3 HIGH
Network 		if-me ifme In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete … NVD-CWE-Other
CVE-2021-25991 2024-11-21 14:55 2021-12-29 Show GitHub Exploit DB Packet Storm
196298 5.4 MEDIUM
Network 		if-me ifme In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe. CWE-79
Cross-site Scripting 		CVE-2021-25990 2024-11-21 14:55 2021-12-29 Show GitHub Exploit DB Packet Storm
196299 5.4 MEDIUM
Network 		if-me ifme In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability in the markdown editor. It can be exploited by making a victim a Leader of a group which triggers the payload for … CWE-79
Cross-site Scripting 		CVE-2021-25989 2024-11-21 14:55 2021-12-29 Show GitHub Exploit DB Packet Storm
196300 5.4 MEDIUM
Network 		if-me ifme In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability (notifications section) which can be directly triggered by sending an ally request to the admin. CWE-79
Cross-site Scripting 		CVE-2021-25988 2024-11-21 14:55 2021-12-29 Show GitHub Exploit DB Packet Storm