Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226161	10	危険	ヒューレット・パッカードアドビシステムズオラクル	-	Adobe Flash Player および Adobe AIR におけるクロスドメインポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2458	2013-03-27 17:29	2011-11-10	Show	GitHub Exploit DB Packet Storm

226162	10	危険	ヒューレット・パッカードアドビシステムズオラクル	-	Adobe Flash Player および Adobe AIR におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-2457	2013-03-27 17:27	2011-11-10	Show	GitHub Exploit DB Packet Storm

226163	10	危険	ヒューレット・パッカードアドビシステムズオラクル	-	Adobe Flash Player および Adobe AIR におけるバッファオーバーフローの脆弱性	CWE-noinfo 情報不足	CVE-2011-2456	2013-03-27 17:26	2011-11-10	Show	GitHub Exploit DB Packet Storm

226164	10	危険	ヒューレット・パッカードアドビシステムズオラクル	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2455	2013-03-27 17:25	2011-11-10	Show	GitHub Exploit DB Packet Storm

226165	10	危険	ヒューレット・パッカードアドビシステムズオラクル	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2454	2013-03-27 17:24	2011-11-10	Show	GitHub Exploit DB Packet Storm

226166	10	危険	ヒューレット・パッカードアドビシステムズオラクル	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2453	2013-03-27 17:22	2011-11-10	Show	GitHub Exploit DB Packet Storm

226167	10	危険	ヒューレット・パッカードアドビシステムズオラクル	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2452	2013-03-27 17:19	2011-11-10	Show	GitHub Exploit DB Packet Storm

226168	10	危険	ヒューレット・パッカードアドビシステムズオラクル	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2451	2013-03-27 17:18	2011-11-10	Show	GitHub Exploit DB Packet Storm

226169	10	危険	ヒューレット・パッカードアドビシステムズオラクル	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2450	2013-03-27 17:16	2011-11-10	Show	GitHub Exploit DB Packet Storm

226170	10	危険	ヒューレット・パッカードアドビシステムズオラクル	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2445	2013-03-27 17:14	2011-11-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223221	5.3	MEDIUM Network	seling	visual_access_manager	An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. Several full path disclosure vulnerability were discovered. A user, even with no authentication, may simply send ar…	CWE-209 Information Exposure Through an Error Message	CVE-2019-19993	2024-11-21 13:35	2020-02-27	Show	GitHub Exploit DB Packet Storm

223222	6.5	MEDIUM Network	seling	visual_access_manager	An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. A user with valid credentials is able to read XML files on the filesystem via the web interface. The PHP page /comm…	CWE-20 Improper Input Validation	CVE-2019-19992	2024-11-21 13:35	2020-02-27	Show	GitHub Exploit DB Packet Storm

223223	5.4	MEDIUM Network	seling	visual_access_manager	An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. Multiple Reflected Cross-site scripting (XSS) vulnerabilities allow remote authenticated users to inject arbitrary …	CWE-79 Cross-site Scripting	CVE-2019-19991	2024-11-21 13:35	2020-02-27	Show	GitHub Exploit DB Packet Storm

223224	5.4	MEDIUM Network	seling	visual_access_manager	An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. Multiple Stored Cross-site scripting (XSS) vulnerabilities allow remote authenticated users to inject arbitrary web…	CWE-79 Cross-site Scripting	CVE-2019-19990	2024-11-21 13:35	2020-02-27	Show	GitHub Exploit DB Packet Storm

223225	7.5	HIGH Network	seling	visual_access_manager	An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. Several PHP pages, and other type of files, are reachable by any user without checking for user identity and author…	CWE-862 Missing Authorization	CVE-2019-19989	2024-11-21 13:35	2020-02-27	Show	GitHub Exploit DB Packet Storm

223226	8.8	HIGH Network	seling	visual_access_manager	An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. A user with valid credentials is able to create and write XML files on the filesystem via /common/vam_editXml.php i…	CWE-787 Out-of-bounds Write	CVE-2019-19988	2024-11-21 13:35	2020-02-27	Show	GitHub Exploit DB Packet Storm

223227	6.5	MEDIUM Network	seling	visual_access_manager	An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. It allows Cross-Site Request Forgery (CSRF) on any HTML form. An attacker can exploit the vulnerability to abuse fu…	CWE-352 Origin Validation Error	CVE-2019-19987	2024-11-21 13:35	2020-02-27	Show	GitHub Exploit DB Packet Storm

223228	7.5	HIGH Network	seling	visual_access_manager	An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. An attacker without authentication is able to execute arbitrary SQL SELECT statements by injecting the HTTP (POST o…	CWE-89 SQL Injection	CVE-2019-19986	2024-11-21 13:35	2020-02-27	Show	GitHub Exploit DB Packet Storm

223229	7.5	HIGH Network	atos	unify_openscape_uc_web_client	Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to ge…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2019-19866	2024-11-21 13:35	2020-02-22	Show	GitHub Exploit DB Packet Storm

223230	6.1	MEDIUM Network	atos	unify_openscape_uc_web_client	Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows XSS. An attacker could exploit this by convincing an authenticated user to inject arbitrary J…	CWE-79 Cross-site Scripting	CVE-2019-19865	2024-11-21 13:35	2020-02-22	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed