Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4051	9.8	緊急 Network	bukts.ru LLC (Nefteprodukttekhnika)	BUK TS-G Gas Station Automation System	bukts.ru LLC (Nefteprodukttekhnika)のBUK TS-G Gas Station Automation SystemにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-3843	2026-05-11 11:02	2026-03-10	Show	GitHub Exploit DB Packet Storm

4052	6.1	警告 Network	spin.js	spin.js	spin.jsにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-3884	2026-05-11 11:02	2026-03-11	Show	GitHub Exploit DB Packet Storm

4053	8.3	重要 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるログファイルからの情報漏えいに関する脆弱性	CWE-532 ログファイルからの情報漏えい	CVE-2024-30151	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

4054	5.7	警告 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2025-31957	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

4055	3.5	低 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるメタデータのよる重要な情報の公開に関する脆弱性	CWE-1230 メタデータのよる重要な情報の公開	CVE-2025-31959	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

4056	5.3	警告 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるエラーメッセージによる情報漏えいに関する脆弱性	CWE-209 エラーメッセージによる情報漏えい	CVE-2025-31960	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

4057	5.3	警告 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2025-31975	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

4058	5.4	警告 Network	HCL Technologies Limited	HCL BigFix Service Management (SM)	HCL Technologies LimitedのHCL BigFix Service Management (SM)における情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2025-31984	2026-05-11 11:02	2026-05-6	Show	GitHub Exploit DB Packet Storm

4059	7.2	重要 Network	デル	data domain operating system	デルのdata domain operating systemにおけるセッションの固定化の脆弱性	CWE-384 セッションの固定化	CVE-2025-46605	2026-05-11 11:02	2026-04-17	Show	GitHub Exploit DB Packet Storm

4060	7.2	重要 Network	デル	data domain operating system	デルのdata domain operating systemにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2025-46606	2026-05-11 11:01	2026-04-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346891	-	2daybiz	polls_script	Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced Poll) Script allow remote attackers to execute arbitrary SQL commands via (1) the password field to login.php, (2) the login fiel…	CWE-89 SQL Injection	CVE-2010-1704	2017-08-17 10:32	2010-05-5	Show	GitHub Exploit DB Packet Storm

346892	-	2daybiz	auction_script	Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers to execute arbitrary SQL commands via (1) the login field (aka the username parameter), and possib…	CWE-89 SQL Injection	CVE-2010-1706	2017-08-17 10:32	2010-05-5	Show	GitHub Exploit DB Packet Storm

346893	-	freerealty.rwcinc	free_realty	Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password fiel…	CWE-89 SQL Injection	CVE-2010-1708	2017-08-17 10:32	2010-05-5	Show	GitHub Exploit DB Packet Storm

346894	-	g5-scripts	auto-img-gallery	Multiple cross-site scripting (XSS) vulnerabilities in upload.cgi in G5-Scripts Auto-Img-Gallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) user and (2) pass parame…	CWE-79 Cross-site Scripting	CVE-2010-1709	2017-08-17 10:32	2010-05-5	Show	GitHub Exploit DB Packet Storm

346895	-	ramoncastro	siestta	Directory traversal vulnerability in login.php in Siestta 2.0, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the idioma …	CWE-22 Path Traversal	CVE-2010-1710	2017-08-17 10:32	2010-05-5	Show	GitHub Exploit DB Packet Storm

346896	-	ramoncastro	siestta	Cross-site scripting (XSS) vulnerability in carga_foto_al.php in Siestta 2.0, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the usuario paramete…	CWE-79 Cross-site Scripting	CVE-2010-1711	2017-08-17 10:32	2010-05-5	Show	GitHub Exploit DB Packet Storm

346897	-	webmobo	wbnews	Multiple cross-site scripting (XSS) vulnerabilities in base/Comments.php in Webmobo WB News 2.3.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name and possibly (2) messa…	CWE-79 Cross-site Scripting	CVE-2010-1712	2017-08-17 10:32	2010-05-5	Show	GitHub Exploit DB Packet Storm

346898	-	postnuke	postnuke	SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote attackers to execute arbitrary SQL commands via the sid parameter in a News article modload action.	CWE-89 SQL Injection	CVE-2010-1713	2017-08-17 10:32	2010-05-5	Show	GitHub Exploit DB Packet Storm

346899	-	dev.pucit.edu.pk	com_arcadegames	Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to ind…	CWE-22 Path Traversal	CVE-2010-1714	2017-08-17 10:32	2010-05-5	Show	GitHub Exploit DB Packet Storm

346900	-	pucit.edu	com_onlineexam	Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the c…	CWE-22 Path Traversal	CVE-2010-1715	2017-08-17 10:32	2010-05-5	Show	GitHub Exploit DB Packet Storm