Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227881 6.8 警告 VBSEO - vBulletin 用の Crawlability vBSEO プラグインにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1077 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227882 4.3 警告 sniggabo - Sniggabo CMS の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1072 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227883 7.5 危険 phpmdj - phpMDJ の profil.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1071 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227884 7.5 危険 proarcadescript - ProArcadeScript の games/game.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1069 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227885 5 警告 the-ghost - AWCM におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1066 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227886 6.8 警告 PHP工房 - Phpkobo Free Real Estate Contact Form におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1063 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227887 6.8 警告 PHP工房 - Phpkobo Free Real Estate Contact Form の codelib/sys/common.inc.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1062 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227888 6.8 警告 PHP工房 - Phpkobo Short URL におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1061 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227889 6.8 警告 PHP工房 - Phpkobo Short URL の staff/app/common.inc.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1060 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227890 6.8 警告 PHP工房 - Phpkobo Address Book Script の codelib/cfg/common.inc.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1059 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 29, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221021 2.7 LOW
Network 		ibm security_identity_manager_virtual_appliance IBM Security Identity Manager Virtual Appliance 7.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 172015. NVD-CWE-noinfo
CVE-2019-4705 2024-11-21 13:44 2020-07-2 Show GitHub Exploit DB Packet Storm
221022 4.3 MEDIUM
Network 		ibm security_identity_manager_virtual_appliance IBM Security Identity Manager Virtual Appliance 7.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http://… CWE-311
Missing Encryption of Sensitive Data 		CVE-2019-4704 2024-11-21 13:44 2020-07-2 Show GitHub Exploit DB Packet Storm
221023 5.3 MEDIUM
Adjacent 		huawei alp-al00b_firmware
alp-l09_firmware
alp-l29_firmware
bla-l29c_firmware
berkeley-al20_firmware
berkeley-l09_firmware
charlotte-l09c_firmware
charlotte-l29c_firmware
columbia-al… 		There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insuffic… CWE-20
 Improper Input Validation  		CVE-2019-5303 2024-11-21 13:44 2020-04-28 Show GitHub Exploit DB Packet Storm
221024 5.3 MEDIUM
Adjacent 		huawei alp-al00b_firmware
alp-l09_firmware
alp-l29_firmware
bla-l29c_firmware
berkeley-al20_firmware
berkeley-l09_firmware
charlotte-l09c_firmware
charlotte-l29c_firmware
columbia-al… 		There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insuffic… CWE-20
 Improper Input Validation  		CVE-2019-5302 2024-11-21 13:44 2020-04-28 Show GitHub Exploit DB Packet Storm
221025 4.3 MEDIUM
Network 		ibm
netapp 		cognos_analytics
oncommand_insight 		IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in … CWE-209
Information Exposure Through an Error Message 		CVE-2019-4729 2024-11-21 13:44 2020-04-27 Show GitHub Exploit DB Packet Storm
221026 5.3 MEDIUM
Network 		ibm cloud_app_management IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace on certain API requests which can allow an attacker further information about the implementation of the offering. IBM X-Force ID: … CWE-200
Information Exposure 		CVE-2019-4751 2024-11-21 13:44 2020-04-25 Show GitHub Exploit DB Packet Storm
221027 8.8 HIGH
Network 		ibm cloud_app_management IBM Cloud App Management 2019.3.0 and 2019.4.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the… CWE-352
 Origin Validation Error 		CVE-2019-4750 2024-11-21 13:44 2020-04-25 Show GitHub Exploit DB Packet Storm
221028 4.6 MEDIUM
Physics 		ibm maas360 IBM MaaS360 3.96.62 for iOS could allow an attacker with physical access to the device to obtain sensitive information from the agent outside of the container. IBM X-Force ID: 172705. NVD-CWE-noinfo
CVE-2019-4735 2024-11-21 13:44 2020-04-24 Show GitHub Exploit DB Packet Storm
221029 5.4 MEDIUM
Network 		ibm maximo_for_life_sciences
maximo_for_transportation
control_desk
maximo_asset_management
maximo_for_oil_and_gas
tivoli_integration_composer
maximo_for_aviation
maximo_for_utilitie… 		IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potent… CWE-79
Cross-site Scripting 		CVE-2019-4749 2024-11-21 13:44 2020-04-17 Show GitHub Exploit DB Packet Storm
221030 7.5 HIGH
Network 		ibm mq IBM MQ 9.0 and 9.1 is vulnerable to a denial of service attack due to an error in the Channel processing function. IBM X-Force ID: 173625. NVD-CWE-noinfo
CVE-2019-4762 2024-11-21 13:44 2020-04-17 Show GitHub Exploit DB Packet Storm