Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4261 4.8 警告
Network 		GFI GFI HelpDesk GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-23752 2026-04-30 12:14 2026-04-20 Show GitHub Exploit DB Packet Storm
4262 4.8 警告
Network 		GFI GFI HelpDesk GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-23753 2026-04-30 12:14 2026-04-20 Show GitHub Exploit DB Packet Storm
4263 5.4 警告
Network 		GFI GFI HelpDesk GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-23756 2026-04-30 12:13 2026-04-20 Show GitHub Exploit DB Packet Storm
4264 5.4 警告
Network 		GFI GFI HelpDesk GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-23757 2026-04-30 12:13 2026-04-20 Show GitHub Exploit DB Packet Storm
4265 5.4 警告
Network 		GFI GFI HelpDesk GFIのGFI HelpDeskにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-23758 2026-04-30 12:13 2026-04-20 Show GitHub Exploit DB Packet Storm
4266 6.5 警告
Network 		Mattermost, Inc. Focalboard Mattermost, Inc.のFocalboardにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-25773 2026-04-30 12:13 2026-04-3 Show GitHub Exploit DB Packet Storm
4267 4.3 警告
Network 		Mattermost, Inc. Focalboard Mattermost, Inc.のFocalboardにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-28736 2026-04-30 12:13 2026-04-3 Show GitHub Exploit DB Packet Storm
4268 7.8 重要
Local 		DeepCool DeepCreative DeepCoolのDeepCreativeにおける安全でない継承されたパーミッションに関する脆弱性 CWE-277
安全でない継承されたパーミッション 		CVE-2026-30266 2026-04-30 12:13 2026-04-20 Show GitHub Exploit DB Packet Storm
4269 7.5 重要
Network 		Angeet ES3 KVM Firmware AngeetのES3 KVM Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-32297 2026-04-30 12:13 2026-03-17 Show GitHub Exploit DB Packet Storm
4270 9.1 緊急
Network 		Angeet ES3 KVM Firmware AngeetのES3 KVM FirmwareにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-32298 2026-04-30 12:13 2026-03-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
352901 - pligg pligg_cms Multiple cross-site scripting (XSS) vulnerabilities in Pligg before 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to (1) admin/admin_config.php, (2) … CWE-79
Cross-site Scripting 		CVE-2009-4786 2010-04-22 13:00 2010-04-21 Show GitHub Exploit DB Packet Storm
352902 - sun solaris
opensolaris 		Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users t… NVD-CWE-noinfo
CVE-2009-4774 2010-04-21 23:30 2010-04-21 Show GitHub Exploit DB Packet Storm
352903 - realnetworks helix_dna_server
helix_server
helix_server_mobile 		Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and Helix Mobile Server 11.x, 12.x, and 13.x allows remote attackers to have an unspecified impact via… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-1317 2010-04-21 13:00 2010-04-21 Show GitHub Exploit DB Packet Storm
352904 - gogoritas com_photobattle Directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php. CWE-22
Path Traversal 		CVE-2010-1461 2010-04-19 13:00 2010-04-17 Show GitHub Exploit DB Packet Storm
352905 - tembria server_monitor Multiple stack-based buffer overflows in Tembria Server Monitor before 5.6.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted (1) GE… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-1316 2010-04-16 13:00 2010-04-15 Show GitHub Exploit DB Packet Storm
352906 - justsystems ichitaro Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file. NVD-CWE-noinfo
CVE-2010-1424 2010-04-16 13:00 2010-04-16 Show GitHub Exploit DB Packet Storm
352907 - f-secure anti-virus
f-secure_anti-virus
f-secure_anti-virus_client_security
f-secure_anti-virus_for_citrix_servers
f-secure_anti-virus_for_linux
f-secure_anti-virus_for_microsoft_exchange
f-… 		F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.0… NVD-CWE-Other
CVE-2010-1425 2010-04-16 13:00 2010-04-16 Show GitHub Exploit DB Packet Storm
352908 - mhd_zaher_ghaibeh arab_cart SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2010-0724 2010-04-15 14:41 2010-02-27 Show GitHub Exploit DB Packet Storm
352909 - mhd_zaher_ghaibeh arab_cart Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. CWE-79
Cross-site Scripting 		CVE-2010-0725 2010-04-15 14:41 2010-02-27 Show GitHub Exploit DB Packet Storm
352910 - preprojects pre_classified_listings_asp Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to inject arbitrary web script or HTML via the address parameter. CWE-79
Cross-site Scripting 		CVE-2010-1371 2010-04-15 06:03 2010-04-14 Show GitHub Exploit DB Packet Storm