Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227871 6.8 警告 stafford.uklinux - libESMTP における任意の SSL サーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2010-1192 2012-12-20 19:29 2010-03-31 Show GitHub Exploit DB Packet Storm
227872 6.4 警告 sahanafoundation - Sahana 災害管理システムにおけるアクセス制限を回避される脆弱性 CWE-287
不適切な認証 		CVE-2010-1191 2012-12-20 19:29 2010-03-31 Show GitHub Exploit DB Packet Storm
227873 10 危険 SAP - SAP MaxDB の serv.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1185 2012-12-20 19:29 2010-03-29 Show GitHub Exploit DB Packet Storm
227874 3.3 注意 サン・マイクロシステムズ - Oracle Solaris の特定の patch-installation スクリプトにおける任意のファイルへのデータを追加される脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-1183 2012-12-20 19:29 2010-03-29 Show GitHub Exploit DB Packet Storm
227875 4.3 警告 phpmysite - phpMySite の contact.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1091 2012-12-20 19:29 2010-03-24 Show GitHub Exploit DB Packet Storm
227876 7.5 危険 phpmysite - phpMySite の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1090 2012-12-20 19:29 2010-03-24 Show GitHub Exploit DB Packet Storm
227877 7.5 危険 phptroubleticket - PHP Trouble Ticket の vedi_faq.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1089 2012-12-20 19:29 2010-03-24 Show GitHub Exploit DB Packet Storm
227878 4.3 警告 PulseCMS - Pulse CMS の view.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1080 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227879 4.3 警告 Sawmill - Sawmill におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1079 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227880 7.5 危険 sphere.xlentprojects - XlentProjects SphereCMSSpey の archive.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1078 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221031 8.8 HIGH
Network 		gitlab gitlab A authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed… CWE-287
Improper Authentication 		CVE-2019-5486 2024-11-21 13:45 2019-12-19 Show GitHub Exploit DB Packet Storm
221032 7.5 HIGH
Network 		xmlsoft
debian 		libxslt
debian_linux 		Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data. CWE-787
CWE-843
 Out-of-bounds Write
Type Confusion 		CVE-2019-5815 2024-11-21 13:45 2019-12-11 Show GitHub Exploit DB Packet Storm
221033 8.8 HIGH
Network 		google chrome Out of bounds memory access in JavaScript in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CWE-787
 Out-of-bounds Write 		CVE-2019-5843 2024-11-21 13:45 2019-12-11 Show GitHub Exploit DB Packet Storm
221034 8.8 HIGH
Network 		google chrome Out of bounds memory access in JavaScript in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CWE-787
 Out-of-bounds Write 		CVE-2019-5841 2024-11-21 13:45 2019-12-11 Show GitHub Exploit DB Packet Storm
221035 9.8 CRITICAL
Network 		vmware
redhat
openslp
fedoraproject 		esxi
horizon_daas
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
enterprise_linux_server_tu… 		OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base sco… CWE-787
 Out-of-bounds Write 		CVE-2019-5544 2024-11-21 13:45 2019-12-7 Show GitHub Exploit DB Packet Storm
221036 6.5 MEDIUM
Network 		google chrome Use after free in IndexedDB in Google Chrome prior to 73.0.3683.86 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CWE-787
CWE-416
 Out-of-bounds Write
 Use After Free 		CVE-2019-5826 2024-11-21 13:45 2019-11-26 Show GitHub Exploit DB Packet Storm
221037 6.5 MEDIUM
Network 		google chrome Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CWE-787
 Out-of-bounds Write 		CVE-2019-5825 2024-11-21 13:45 2019-11-26 Show GitHub Exploit DB Packet Storm
221038 8.1 HIGH
Network 		google chrome Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CWE-125
Out-of-bounds Read 		CVE-2019-5881 2024-11-21 13:45 2019-11-26 Show GitHub Exploit DB Packet Storm
221039 7.4 HIGH
Network 		google chrome Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CWE-200
Information Exposure 		CVE-2019-5880 2024-11-21 13:45 2019-11-26 Show GitHub Exploit DB Packet Storm
221040 6.5 MEDIUM
Network 		google chrome Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome… CWE-863
 Incorrect Authorization 		CVE-2019-5879 2024-11-21 13:45 2019-11-26 Show GitHub Exploit DB Packet Storm