Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227291 6 警告 tomatocms - TomatoCMS における任意の PHP コードを実行される脆弱性 CWE-Other
その他 		CVE-2010-1514 2012-12-20 19:29 2010-06-15 Show GitHub Exploit DB Packet Storm
227292 4.3 警告 tatsuhiro tsujikawa - aria2 におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1512 2012-12-20 19:29 2010-05-17 Show GitHub Exploit DB Packet Storm
227293 3.5 注意 PmWiki - PmWiki の table 機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1481 2012-12-20 19:29 2010-05-12 Show GitHub Exploit DB Packet Storm
227294 7.5 危険 rockettheme - Joomla! 用の Rokmodule コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1480 2012-12-20 19:29 2010-04-13 Show GitHub Exploit DB Packet Storm
227295 7.5 危険 rockettheme - Joomla! 用の Rokmodule コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1479 2012-12-20 19:29 2010-04-13 Show GitHub Exploit DB Packet Storm
227296 6.8 警告 ternaria - Joomla! 用の Ternaria Informatica jfeedback! コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1478 2012-12-20 19:29 2010-04-19 Show GitHub Exploit DB Packet Storm
227297 6.8 警告 ternaria - Joomla! 用の Preventive & Reservation コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1475 2012-12-20 19:29 2010-04-19 Show GitHub Exploit DB Packet Storm
227298 6.8 警告 supachai teasakul - Joomla! 用の Sweety Keeper コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1474 2012-12-20 19:29 2010-04-19 Show GitHub Exploit DB Packet Storm
227299 6.8 警告 ternaria - Joomla! 用の Ternaria Informatica JProject Manager コンポーネントにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1469 2012-12-20 19:29 2010-04-19 Show GitHub Exploit DB Packet Storm
227300 9.3 危険 trellian - Trellian FTP クライアントにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1465 2012-12-20 19:29 2010-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224851 7.8 HIGH
Local 		k7computing k7_ultimate_security In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link… CWE-59
Link Following 		CVE-2019-16896 2024-11-21 13:31 2019-12-28 Show GitHub Exploit DB Packet Storm
224852 5.4 MEDIUM
Network 		wordpress
debian 		wordpress
debian_linux 		In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admi… CWE-79
Cross-site Scripting 		CVE-2019-16781 2024-11-21 13:31 2019-12-27 Show GitHub Exploit DB Packet Storm
224853 8.2 HIGH
Network 		agendaless
oracle
debian
fedoraproject
redhat 		waitress
communications_cloud_native_core_network_function_cloud_native_environment
debian_linux
fedora
openstack 		In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress lead… CWE-444
HTTP Request Smuggling 		CVE-2019-16789 2024-11-21 13:31 2019-12-27 Show GitHub Exploit DB Packet Storm
224854 5.4 MEDIUM
Network 		wordpress
debian 		wordpress
debian_linux 		WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an a… CWE-79
Cross-site Scripting 		CVE-2019-16780 2024-11-21 13:31 2019-12-27 Show GitHub Exploit DB Packet Storm
224855 7.5 HIGH
Network 		agendaless
oracle
debian
fedoraproject
redhat 		waitress
communications_cloud_native_core_network_function_cloud_native_environment
debian_linux
fedora
openstack 		Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header … CWE-444
HTTP Request Smuggling 		CVE-2019-16786 2024-11-21 13:31 2019-12-21 Show GitHub Exploit DB Packet Storm
224856 7.5 HIGH
Network 		agendaless
oracle
debian
fedoraproject
redhat 		waitress
communications_cloud_native_core_network_function_cloud_native_environment
debian_linux
fedora
openstack 		Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize… CWE-444
HTTP Request Smuggling 		CVE-2019-16785 2024-11-21 13:31 2019-12-21 Show GitHub Exploit DB Packet Storm
224857 9.8 CRITICAL
Network 		beckhoff twincat Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol. CWE-290
 Authentication Bypass by Spoofing 		CVE-2019-16871 2024-11-21 13:31 2019-12-20 Show GitHub Exploit DB Packet Storm
224858 5.9 MEDIUM
Network 		rack_project
fedoraproject
opensuse 		rack
fedora
leap 		There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack session… CWE-203
 Information Exposure Through Discrepancy 		CVE-2019-16782 2024-11-21 13:31 2019-12-19 Show GitHub Exploit DB Packet Storm
224859 9.8 CRITICAL
Network 		google tensorflow In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case data_size and num_segments fields are truncated from in… CWE-681
 Incorrect Conversion between Numeric Types 		CVE-2019-16778 2024-11-21 13:31 2019-12-17 Show GitHub Exploit DB Packet Storm
224860 5.9 MEDIUM
Network 		excon_project
opensuse
debian 		excon
leap
backports_sle
debian_linux 		In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent req… CWE-362
Race Condition 		CVE-2019-16779 2024-11-21 13:31 2019-12-17 Show GitHub Exploit DB Packet Storm