Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228401 6.8 警告 サン・マイクロシステムズ
日本電気
オラクル		 - Oracle Java 7 に脆弱性 CWE-noinfo
情報不足 		CVE-2012-4681 2013-02-4 17:51 2012-08-28 Show GitHub Exploit DB Packet Storm
228402 7.8 危険 MiniUPnP Project - MiniUPnP MiniUPnPd の HTTP サービスにおける整数符号エラーの脆弱性 CWE-189
数値処理の問題 		CVE-2013-1462 2013-02-4 16:38 2013-01-31 Show GitHub Exploit DB Packet Storm
228403 7.8 危険 MiniUPnP Project - MiniUPnP MiniUPnPd の HTTP サービスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-1461 2013-02-4 16:37 2013-01-31 Show GitHub Exploit DB Packet Storm
228404 10 危険 MiniUPnP Project - MiniUPnP MiniUPnPd の HTTP サービスにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-0230 2013-02-4 16:37 2013-01-31 Show GitHub Exploit DB Packet Storm
228405 7.8 危険 MiniUPnP Project - MiniUPnP MiniUPnPd の SSDP ハンドラにおけるサービス運用妨害 (サービスクラッシュ) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-0229 2013-02-4 16:36 2013-01-31 Show GitHub Exploit DB Packet Storm
228406 7.6 危険 DELL EMC (旧 EMC Corporation) - EMC AlphaStor の Drive Control Program におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-0930 2013-02-4 16:26 2013-01-31 Show GitHub Exploit DB Packet Storm
228407 9.3 危険 オラクル - Oracle Java SE 7 Update 11 における Java セキュリティサンドボックスを回避される脆弱性 CWE-noinfo
情報不足 		CVE-2013-1490 2013-02-4 16:25 2013-01-31 Show GitHub Exploit DB Packet Storm
228408 4.3 警告 シスコシステムズ - Cisco Unified Communications Domain Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1113 2013-02-1 16:13 2013-01-25 Show GitHub Exploit DB Packet Storm
228409 5 警告 シスコシステムズ - Cisco Carrier Routing System におけるサービス運用妨害 (パケットロス) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-1112 2013-02-1 16:13 2013-01-25 Show GitHub Exploit DB Packet Storm
228410 4.3 警告 IBM - IBM Cognos TM1 の Web コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6350 2013-02-1 16:12 2013-01-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221071 8.8 HIGH
Network 		gstreamer_project
debian
canonical 		gstreamer
debian_linux
ubuntu_linux 		GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. CWE-787
 Out-of-bounds Write 		CVE-2019-9928 2024-11-21 13:52 2019-04-25 Show GitHub Exploit DB Packet Storm
221072 7.5 HIGH
Network 		aquaverde aquarius_cms Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a log file due to an overwriting of configuration parameters under certain circumstances. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2019-9734 2024-11-21 13:52 2019-04-25 Show GitHub Exploit DB Packet Storm
221073 7.5 HIGH
Network 		aquaverde aquarius_cms aquaverde Aquarius CMS through 4.3.5 allows Information Exposure through Log Files because of an error in the Log-File writer component. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2019-9724 2024-11-21 13:52 2019-04-24 Show GitHub Exploit DB Packet Storm
221074 6.1 MEDIUM
Network 		vestacp control_panel Vesta Control Panel 0.9.8-23 allows XSS via a crafted URL. CWE-79
Cross-site Scripting 		CVE-2019-9841 2024-11-21 13:52 2019-04-20 Show GitHub Exploit DB Packet Storm
221075 6.1 MEDIUM
Network 		zyxel atp200_firmware
atp500_firmware
atp800_firmware
usg20-vpn_firmware
usg20w-vpn_firmware
usg40_firmware
usg40w_firmware
usg60_firmware
usg60w_firmware
usg110_firmware
usg2… 		On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security … CWE-79
Cross-site Scripting 		CVE-2019-9955 2024-11-21 13:52 2019-04-23 Show GitHub Exploit DB Packet Storm
221076 9.1 CRITICAL
Network 		gitlab gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions. NVD-CWE-noinfo
CVE-2019-9890 2024-11-21 13:52 2019-04-18 Show GitHub Exploit DB Packet Storm
221077 9.8 CRITICAL
Network 		gitlab gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control, … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2019-9756 2024-11-21 13:52 2019-04-18 Show GitHub Exploit DB Packet Storm
221078 9.8 CRITICAL
Network 		miniblog.core_project miniblog.core madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs wr… CWE-20
 Improper Input Validation  		CVE-2019-9845 2024-11-21 13:52 2019-04-17 Show GitHub Exploit DB Packet Storm
221079 7.5 HIGH
Network 		xmltooling_project
canonical
opensuse 		xmltooling
ubuntu_linux
leap 		The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an … CWE-755
 Improper Handling of Exceptional Conditions 		CVE-2019-9628 2024-11-21 13:52 2019-04-12 Show GitHub Exploit DB Packet Storm
221080 8.8 HIGH
Network 		dasannetworks h660rm_firmware The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web inter… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2019-9976 2024-11-21 13:52 2019-04-12 Show GitHub Exploit DB Packet Storm