Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258761	10	危険	マイクロソフト	-	Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0240	2010-03-1 11:36	2010-02-9	Show	GitHub Exploit DB Packet Storm

258762	10	危険	マイクロソフト	-	Microsoft Windows の TCP/IP 実装における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0239	2010-03-1 11:36	2010-02-9	Show	GitHub Exploit DB Packet Storm

258763	9.3	危険	マイクロソフト	-	Microsoft Windows の SMB クライアント実装における権限昇格の脆弱性	CWE-362 競合状態	CVE-2010-0017	2010-03-1 11:35	2010-02-9	Show	GitHub Exploit DB Packet Storm

258764	9.3	危険	マイクロソフト	-	Microsoft Windows の SMB クライアント実装における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0016	2010-03-1 11:35	2010-02-9	Show	GitHub Exploit DB Packet Storm

258765	5	警告	日立	-	uCosminexus Portal Framework におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2010-02-26 11:36	2010-01-29	Show	GitHub Exploit DB Packet Storm

258766	2.6	注意	tDiary開発プロジェクト	-	tDiary 付属のプラグイン tb-send.rb におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0726	2010-02-25 15:03	2010-02-25	Show	GitHub Exploit DB Packet Storm

258767	4.3	警告	サン・マイクロシステムズ	-	Sun ONE/iPlanet Web Server における HTTP リクエストを非表示にされる脆弱性	CWE-Other その他	CVE-2003-1578	2010-02-25 12:36	2003-11-14	Show	GitHub Exploit DB Packet Storm

258768	2.6	注意	サン・マイクロシステムズ	-	Sun ONE/iPlanet Web Server におけるログファイルに任意のテキストを挿入される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2003-1577	2010-02-25 12:36	2003-11-14	Show	GitHub Exploit DB Packet Storm

258769	5	警告	IBM	-	IBM WebSphere Application Server の Single Sign-on 機能における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-0563	2010-02-25 12:35	2010-02-5	Show	GitHub Exploit DB Packet Storm

258770	5	警告	アップル	-	Apple Safari の WebKit における任意の Web サイトにリクエストされる脆弱性	CWE-Other その他	CVE-2009-2841	2010-02-25 12:33	2009-11-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195041	7.5	HIGH Network	ge	multilin_b30_firmware multilin_b90_firmware multilin_c60_firmware multilin_c70_firmware multilin_c95_firmware multilin_d30_firmware multilin_d60_firmware multilin_f35_firmware	GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2021-27422	2024-11-21 14:57	2022-03-24	Show	GitHub Exploit DB Packet Storm

195042	5.3	MEDIUM Network	ge	multilin_b30_firmware multilin_b90_firmware multilin_c60_firmware multilin_c70_firmware multilin_c95_firmware multilin_d30_firmware multilin_d60_firmware multilin_f35_firmware	GE UR firmware versions prior to version 8.1x web server task does not properly handle receipt of unsupported HTTP verbs, resulting in the web server becoming temporarily unresponsive after receiving…	CWE-20 Improper Input Validation	CVE-2021-27420	2024-11-21 14:57	2022-03-24	Show	GitHub Exploit DB Packet Storm

195043	6.1	MEDIUM Network	ge	multilin_b30_firmware multilin_b90_firmware multilin_c60_firmware multilin_c70_firmware multilin_c95_firmware multilin_d30_firmware multilin_d60_firmware multilin_f35_firmware	GE UR firmware versions prior to version 8.1x supports web interface with read-only access. The device fails to properly validate user input, making it possible to perform cross-site scripting attack…	CWE-79 Cross-site Scripting	CVE-2021-27418	2024-11-21 14:57	2022-03-24	Show	GitHub Exploit DB Packet Storm

195044	5.4	MEDIUM Network	hitachienergy	ellipse_enterprise_asset_management	An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 by tricking a user to click on a link containi…	CWE-79 Cross-site Scripting	CVE-2021-27416	2024-11-21 14:57	2022-03-12	Show	GitHub Exploit DB Packet Storm

195045	6.1	MEDIUM Network	hitachienergy	ellipse_enterprise_asset_management	An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for…	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2021-27414	2024-11-21 14:57	2022-03-12	Show	GitHub Exploit DB Packet Storm

195046	7.8	HIGH Local	htmldoc_project	htmldoc	Null pointer dereference in the htmldoc v1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service via a crafted html file.	CWE-476 NULL Pointer Dereference	CVE-2021-26948	2024-11-21 14:57	2022-03-4	Show	GitHub Exploit DB Packet Storm

195047	9.8	CRITICAL Network	netapp	virtual_desktop_service	NetApp Virtual Desktop Service (VDS) when used with an HTML5 gateway is susceptible to a vulnerability which when successfully exploited could allow an unauthenticated attacker to takeover a Remote D…	NVD-CWE-noinfo	CVE-2021-27007	2024-11-21 14:57	2021-12-24	Show	GitHub Exploit DB Packet Storm

195048	4.4	MEDIUM Local	netapp	storagegrid	StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings …	NVD-CWE-noinfo	CVE-2021-27006	2024-11-21 14:57	2021-12-24	Show	GitHub Exploit DB Packet Storm

195049	4.4	MEDIUM Local	puppet	puppet puppet_connect puppet_enterprise	A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2021-27026	2024-11-21 14:57	2021-11-19	Show	GitHub Exploit DB Packet Storm

195050	6.5	MEDIUM Network	puppet fedoraproject	puppet_agent puppet puppet_enterprise fedora	A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.	NVD-CWE-noinfo	CVE-2021-27025	2024-11-21 14:57	2021-11-19	Show	GitHub Exploit DB Packet Storm