Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226591 4 警告 Moodle - Moodle におけるカスタム結果を標準のサイト全体の成果に変換される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-6098 2013-01-29 16:51 2013-01-21 Show GitHub Exploit DB Packet Storm
226592 5 警告 General Electric Company - GE Intelligent Platforms Proficy Real-Time Information Portal におけるユーザ名のリストを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0652 2013-01-29 16:49 2013-01-22 Show GitHub Exploit DB Packet Storm
226593 5 警告 General Electric Company - GE Intelligent Platforms Proficy Real-Time Information Portal における設定ファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0651 2013-01-29 16:48 2013-01-22 Show GitHub Exploit DB Packet Storm
226594 6.8 警告 レッドハット - FreeIPA のクライアントにおけるドメイン参加の処理を偽装される脆弱性 CWE-310
暗号の問題 		CVE-2012-5484 2013-01-29 16:48 2013-01-23 Show GitHub Exploit DB Packet Storm
226595 5 警告 トリップアドバイザー - TripAdvisor for iOS における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2012-4917 2013-01-29 16:47 2013-01-26 Show GitHub Exploit DB Packet Storm
226596 9.3 危険 CoolPDF Software - CoolPDF の Reader におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-4914 2013-01-29 16:47 2013-01-26 Show GitHub Exploit DB Packet Storm
226597 10 危険 ヒューレット・パッカード - HP Diagnostics Server におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-3278 2013-01-29 16:43 2013-01-22 Show GitHub Exploit DB Packet Storm
226598 5.8 警告 Novell - WebYaST にホスト一覧を改ざんされる脆弱性 CWE-noinfo
情報不足 		CVE-2012-0435 2013-01-29 14:10 2013-01-28 Show GitHub Exploit DB Packet Storm
226599 10 危険 IBM - IBM WebSphere Application Server における脆弱性 CWE-noinfo
情報不足 		CVE-2013-0462 2013-01-29 11:49 2013-01-23 Show GitHub Exploit DB Packet Storm
226600 4.3 警告 IBM - IBM WebSphere Application Server の Virtual Member Manager 管理コンソールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0461 2013-01-29 11:49 2013-01-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224201 9.8 CRITICAL
Network 		oniguruma_project
debian
fedoraproject
redhat 		oniguruma
debian_linux
fedora
enterprise_linux 		An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker… CWE-125
CWE-190
Out-of-bounds Read
 Integer Overflow or Wraparound 		CVE-2019-19012 2024-11-21 13:33 2019-11-18 Show GitHub Exploit DB Packet Storm
224202 7.5 HIGH
Network 		miniupnp_project ngiflib MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette. CWE-476
 NULL Pointer Dereference 		CVE-2019-19011 2024-11-21 13:33 2019-11-18 Show GitHub Exploit DB Packet Storm
224203 9.8 CRITICAL
Network 		limnoria_project
fedoraproject 		limnoria
fedora 		Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impa… CWE-94
Code Injection 		CVE-2019-19010 2024-11-21 13:33 2019-11-16 Show GitHub Exploit DB Packet Storm
224204 7.8 HIGH
Local 		symantec endpoint_protection Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applic… NVD-CWE-noinfo
CVE-2019-18372 2024-11-21 13:33 2019-11-16 Show GitHub Exploit DB Packet Storm
224205 5.3 MEDIUM
Network 		mediawiki abusefilter An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, t… CWE-200
Information Exposure 		CVE-2019-18987 2024-11-21 13:33 2019-11-15 Show GitHub Exploit DB Packet Storm
224206 7.5 HIGH
Network 		pimcore pimcore Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users. CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2019-18986 2024-11-21 13:33 2019-11-15 Show GitHub Exploit DB Packet Storm
224207 9.8 CRITICAL
Network 		pimcore pimcore Pimcore before 6.2.2 lacks brute force protection for the 2FA token. CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2019-18985 2024-11-21 13:33 2019-11-15 Show GitHub Exploit DB Packet Storm
224208 6.1 MEDIUM
Network 		pimcore pimcore bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header. CWE-79
Cross-site Scripting 		CVE-2019-18982 2024-11-21 13:33 2019-11-15 Show GitHub Exploit DB Packet Storm
224209 9.8 CRITICAL
Network 		pimcore pimcore Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification. NVD-CWE-noinfo
CWE-838
 Inappropriate Encoding for Output Context 		CVE-2019-18981 2024-11-21 13:33 2019-11-15 Show GitHub Exploit DB Packet Storm
224210 9.8 CRITICAL
Network 		cyrus
fedoraproject
debian 		imap
fedora
debian_linux 		Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived… NVD-CWE-noinfo
CVE-2019-18928 2024-11-21 13:33 2019-11-15 Show GitHub Exploit DB Packet Storm