Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258101	4.3	警告	シトリックス・システムズ	-	複数の Citrix XenServer 製品の XenAPI HTTP インターフェイスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3253	2010-09-14 15:54	2008-07-16	Show	GitHub Exploit DB Packet Storm

258102	7.5	危険	シトリックス・システムズ	-	Citrix XenCenterWeb の XenServer Resource Kit における PHP コードを挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2009-3760	2010-09-14 15:54	2009-10-22	Show	GitHub Exploit DB Packet Storm

258103	6	警告	シトリックス・システムズ	-	Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-3759	2010-09-14 15:54	2009-10-22	Show	GitHub Exploit DB Packet Storm

258104	7.5	危険	シトリックス・システムズ	-	Citrix XenCenterWeb の XenServer Resource Kit における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-3758	2010-09-14 15:53	2009-10-22	Show	GitHub Exploit DB Packet Storm

258105	4.3	警告	シトリックス・システムズ	-	Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-3757	2010-09-14 15:53	2009-10-22	Show	GitHub Exploit DB Packet Storm

258106	7.2	危険	シトリックス・システムズ	-	Xen の xend におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-5716	2010-09-14 15:53	2008-12-24	Show	GitHub Exploit DB Packet Storm

258107	6	警告	VMware	-	VMware Studio の Virtual Appliance Management Infrastructure における任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-2667	2010-09-13 16:05	2010-07-13	Show	GitHub Exploit DB Packet Storm

258108	4.4	警告	VMware	-	VMware Studio における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-2427	2010-09-13 16:05	2010-07-13	Show	GitHub Exploit DB Packet Storm

258109	6.8	警告	VMware	-	VMware SpringSource tc Server Runtime における JMX インターフェイスへのアクセス権を取得される脆弱性	CWE-287 不適切な認証	CVE-2010-1454	2010-09-13 16:05	2010-05-13	Show	GitHub Exploit DB Packet Storm

258110	4.3	警告	VMware	-	VMware View におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1143	2010-09-13 16:04	2010-05-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
312671	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: nilfs2: propagate directory read errors from nilfs_find_entry() Syzbot reported that a task hang occurs in vcs_open() during a fu…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2024-50202	2024-11-20 01:12	2024-11-8	Show	GitHub Exploit DB Packet Storm

312672	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix encoder->possible_clones Include the encoder itself in its possible_clones bitmask. In the past nothing validated…	NVD-CWE-noinfo	CVE-2024-50201	2024-11-20 01:08	2024-11-8	Show	GitHub Exploit DB Packet Storm

312673	4.8	MEDIUM Network	open-emr	openemr	A stored cross-site scripting (XSS) vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which …	CWE-79 Cross-site Scripting	CVE-2024-0875	2024-11-20 01:03	2024-11-15	Show	GitHub Exploit DB Packet Storm

312674	7.5	HIGH Network	schneider-electric	powerlogic_pm5341_firmware powerlogic_pm5340_firmware powerlogic_pm5320_firmware	CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to become unresponsive resulting in communication loss when a large amount of IGMP packets is present in…	CWE-400 Uncontrolled Resource Consumption	CVE-2024-9409	2024-11-20 00:59	2024-11-13	Show	GitHub Exploit DB Packet Storm

312675	4.8	MEDIUM Network	vektor-inc	vk_all_in_one_expansion_unit	Cross-site scripting vulnerability exists in VK All in One Expansion Unit versions prior to 9.100.1.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of th…	CWE-79 Cross-site Scripting	CVE-2024-52268	2024-11-20 00:57	2024-11-13	Show	GitHub Exploit DB Packet Storm

312676	4.8	MEDIUM Network	pimcore	pimcore	A stored Cross-site Scripting (XSS) vulnerability exists in the Conditions tab of Pricing Rules in pimcore/pimcore versions 10.5.19. The vulnerability is present in the From and To fields of the Date…	CWE-79 Cross-site Scripting	CVE-2023-2332	2024-11-20 00:55	2024-11-15	Show	GitHub Exploit DB Packet Storm

312677	5.4	MEDIUM Network	royal-elementor-addons	royal_elementor_addons	The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 1.7.1001 due to insu…	CWE-79 Cross-site Scripting	CVE-2024-9668	2024-11-20 00:55	2024-11-13	Show	GitHub Exploit DB Packet Storm

312678	5.5	MEDIUM Local	gpac	gpac	A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-…	CWE-416 Use After Free	CVE-2023-4679	2024-11-20 00:54	2024-11-15	Show	GitHub Exploit DB Packet Storm

312679	5.9	MEDIUM Network	phpipam	phpipam	phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'get…	CWE-307 mproper Restriction of Excessive Authentication Attempts	CVE-2024-0787	2024-11-20 00:53	2024-11-15	Show	GitHub Exploit DB Packet Storm

312680	5.4	MEDIUM Network	royal-elementor-addons	royal_elementor_addons	The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget in all versions up to, and including, 1.7.1001 due to insufficien…	CWE-79 Cross-site Scripting	CVE-2024-9059	2024-11-20 00:53	2024-11-13	Show	GitHub Exploit DB Packet Storm