Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5571 9.8 緊急
Network 		Delta Electronics, INC. AS320T Firmware Delta Electronics, INC.のAS320T Firmwareにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-121
スタックオーバーフロー 		CVE-2026-1951 2026-05-13 10:27 2026-04-24 Show GitHub Exploit DB Packet Storm
5572 7.5 重要
Network 		Delta Electronics, INC. AS320T Firmware Delta Electronics, INC.のAS320T Firmwareにおける非公開の機能に関する脆弱性 CWE-912
非公開の機能 		CVE-2026-1952 2026-05-13 10:27 2026-04-24 Show GitHub Exploit DB Packet Storm
5573 9.1 緊急
Network 		DDEV DDEV DDEVにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-32885 2026-05-13 10:27 2026-04-22 Show GitHub Exploit DB Packet Storm
5574 6.5 警告
Network 		langflow Langflow Desktop langflowのLangflow Desktopにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-3340 2026-05-13 10:27 2026-04-30 Show GitHub Exploit DB Packet Storm
5575 6.5 警告
Network 		langflow Langflow Desktop langflowのLangflow Desktopにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-3345 2026-05-13 10:27 2026-04-30 Show GitHub Exploit DB Packet Storm
5576 6.4 警告
Network 		langflow Langflow Desktop langflowのLangflow DesktopにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-3346 2026-05-13 10:27 2026-04-30 Show GitHub Exploit DB Packet Storm
5577 4.8 警告
Network 		V2Board V2Board V2Boardにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-37503 2026-05-13 10:26 2026-05-1 Show GitHub Exploit DB Packet Storm
5578 7.5 重要
Network 		V2Board V2Board V2BoardにおけるGET リクエストにおけるクエリ文字列からの情報漏えいに関する脆弱性 CWE-598
GET リクエストにおけるクエリ文字列からの情報漏えい 		CVE-2026-37504 2026-05-13 10:26 2026-05-1 Show GitHub Exploit DB Packet Storm
5579 4.9 警告
Network 		V2Board V2Board V2BoardにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-37505 2026-05-13 10:26 2026-05-1 Show GitHub Exploit DB Packet Storm
5580 5.4 警告
Network 		Apache Software Foundation Apache-airflow-providers-keycloak Apache Software FoundationのApache-airflow-providers-keycloakにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2026-40948 2026-05-13 10:26 2026-04-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
314081 - adobe shockwave_player Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption. NOTE: due to conflicting i… CWE-399
 Resource Management Errors 		CVE-2010-2874 2024-11-21 10:17 2010-09-8 Show GitHub Exploit DB Packet Storm
314082 - microsoft windows_2003_server
windows_server_2008
windows_xp
windows_7
windows_vista
windows_server_2003 		Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cau… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2739 2024-11-21 10:17 2010-09-8 Show GitHub Exploit DB Packet Storm
314083 - mantisbt mantisbt Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.2 allows remote authenticated users to inject arbitrary web script or HTML via an HTML document with a .gif filename extension, related… CWE-79
Cross-site Scripting 		CVE-2010-2802 2024-11-21 10:17 2010-09-8 Show GitHub Exploit DB Packet Storm
314084 - linux
suse
opensuse
canonical 		linux_kernel
linux_enterprise_desktop
linux_enterprise_server
opensuse
ubuntu_linux 		The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a d… CWE-476
 NULL Pointer Dereference 		CVE-2010-2954 2024-11-21 10:17 2010-09-4 Show GitHub Exploit DB Packet Storm
314085 - hp hp-ux Unspecified vulnerability in Software Distributor (sd) in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors. NVD-CWE-noinfo
CVE-2010-2712 2024-11-21 10:17 2010-08-31 Show GitHub Exploit DB Packet Storm
314086 - realnetworks realplayer Unspecified vulnerability in RealNetworks RealPlayer 11.0 through 11.1 allows attackers to bypass intended access restrictions on files via unknown vectors. NVD-CWE-noinfo
CVE-2010-3002 2024-11-21 10:17 2010-08-31 Show GitHub Exploit DB Packet Storm
314087 - realnetworks realplayer
realplayer_sp 		Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE) plugin in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows has unknown impact and… NVD-CWE-noinfo
CVE-2010-3001 2024-11-21 10:17 2010-08-31 Show GitHub Exploit DB Packet Storm
314088 - realnetworks realplayer
realplayer_sp 		Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code … CWE-189
Numeric Errors 		CVE-2010-3000 2024-11-21 10:17 2010-08-31 Show GitHub Exploit DB Packet Storm
314089 - realnetworks realplayer Array index error in RealNetworks RealPlayer 11.0 through 11.1 on Windows allows remote attackers to execute arbitrary code via a malformed header in a RealMedia .IVR file. CWE-94
Code Injection 		CVE-2010-2996 2024-11-21 10:17 2010-08-31 Show GitHub Exploit DB Packet Storm
314090 - simone_rota slim_simple_login_manager The default configuration of SLiM before 1.3.2 places ./ (dot slash) at the beginning of the default_path option, which might allow local users to gain privileges via a Trojan horse program in the cu… CWE-16
Configuration 		CVE-2010-2945 2024-11-21 10:17 2010-08-31 Show GitHub Exploit DB Packet Storm