Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230221 4.3 警告 ownCloud - ownCloud におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-5606 2012-12-19 15:58 2012-10-24 Show GitHub Exploit DB Packet Storm
230222 10 危険 サン・マイクロシステムズ
サイバートラスト株式会社
VMware
ヒューレット・パッカード
レッドハット		 - 複数の Oracle 製品の 2D コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-3556 2012-12-19 15:48 2010-10-12 Show GitHub Exploit DB Packet Storm
230223 7.5 危険 The GIMP Team - GIMP の X Window Dump プラグインにおけるサービス運用妨害 (クラッシュ) の脆弱性 CWE-119
バッファエラー 		CVE-2012-5576 2012-12-19 15:45 2012-11-7 Show GitHub Exploit DB Packet Storm
230224 6.4 警告 VMware
Apache Software Foundation		 - Apache Struts における任意のファイルを作成または上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0393 2012-12-19 15:43 2012-01-8 Show GitHub Exploit DB Packet Storm
230225 5 警告 Sensio Labs - Symfony CMS の lib/form/sfForm.class.php における任意のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-5574 2012-12-19 15:41 2012-11-25 Show GitHub Exploit DB Packet Storm
230226 4 警告 OpenStack - OpenStack Keystone における承認の制限を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-5563 2012-12-19 14:52 2012-11-28 Show GitHub Exploit DB Packet Storm
230227 7.5 危険 bogofilter - bogofilter の bogolexer コンポーネントにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-5468 2012-12-19 14:46 2012-12-3 Show GitHub Exploit DB Packet Storm
230228 5.1 警告 The PHP Group - PHP の rand などの関数におけるセキュリティの問題を悪用される脆弱性 CWE-189
数値処理の問題 		CVE-2008-4107 2012-12-19 14:22 2008-09-11 Show GitHub Exploit DB Packet Storm
230229 6.8 警告 ownCloud - ownCloud の lib/migrate.php における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2012-4389 2012-12-19 14:21 2012-08-15 Show GitHub Exploit DB Packet Storm
230230 4 警告 ownCloud - ownCloud における登録されたユーザを列挙される脆弱性 CWE-200
情報漏えい 		CVE-2012-4390 2012-12-19 14:20 2012-08-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211821 9.8 CRITICAL
Network 		mozilla
redhat 		firefox
firefox_esr
thunderbird
enterprise_linux
enterprise_linux_eus
enterprise_linux_server_tus
enterprise_linux_server_aus 		The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory c… CWE-787
 Out-of-bounds Write 		CVE-2019-9792 2024-11-21 13:52 2019-04-27 Show GitHub Exploit DB Packet Storm
211822 9.8 CRITICAL
Network 		mozilla thunderbird
firefox
firefox_esr 		A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially e… CWE-416
 Use After Free 		CVE-2019-9790 2024-11-21 13:52 2019-04-27 Show GitHub Exploit DB Packet Storm
211823 9.8 CRITICAL
Network 		mozilla firefox Mozilla developers and community members reported memory safety bugs present in Firefox 65. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… CWE-787
 Out-of-bounds Write 		CVE-2019-9789 2024-11-21 13:52 2019-04-27 Show GitHub Exploit DB Packet Storm
211824 9.8 CRITICAL
Network 		mozilla
redhat 		firefox
firefox_esr
thunderbird
enterprise_linux
enterprise_linux_eus
enterprise_linux_server_tus
enterprise_linux_server_aus 		The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the con… CWE-843
Type Confusion 		CVE-2019-9791 2024-11-21 13:52 2019-04-27 Show GitHub Exploit DB Packet Storm
211825 9.8 CRITICAL
Network 		mozilla
redhat 		firefox
firefox_esr
thunderbird
enterprise_linux
enterprise_linux_eus
enterprise_linux_server_tus
enterprise_linux_server_aus 		Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we pres… CWE-787
 Out-of-bounds Write 		CVE-2019-9788 2024-11-21 13:52 2019-04-27 Show GitHub Exploit DB Packet Storm
211826 6.1 MEDIUM
Network 		wordfence wordfence The Wordfence plugin 7.2.3 for WordPress allows XSS via a unique attack vector. NOTE: It has been asserted that this is not a valid vulnerability in the context of the Wordfence WordPress plugin as t… CWE-79
Cross-site Scripting 		CVE-2019-9669 2024-11-21 13:52 2019-04-26 Show GitHub Exploit DB Packet Storm
211827 10.0 CRITICAL
Network 		envoyproxy envoy Envoy 1.9.0 and before does not normalize HTTP URL paths. A remote attacker may craft a relative path, e.g., something/../admin, to bypass access control, e.g., a block on /admin. A backend server co… CWE-706
 Use of Incorrectly-Resolved Name or Reference 		CVE-2019-9901 2024-11-21 13:52 2019-04-26 Show GitHub Exploit DB Packet Storm
211828 8.3 HIGH
Network 		envoyproxy
redhat 		envoy
openshift_service_mesh 		When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0). This allows remote attackers crafting header values containing embedded NUL char… CWE-74
Injection 		CVE-2019-9900 2024-11-21 13:52 2019-04-26 Show GitHub Exploit DB Packet Storm
211829 6.5 MEDIUM
Network 		google tensorflow NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service via an invalid GIF file. CWE-476
 NULL Pointer Dereference 		CVE-2019-9635 2024-11-21 13:52 2019-04-25 Show GitHub Exploit DB Packet Storm
211830 9.8 CRITICAL
Network 		western_digital my_cloud_mirror_gen_2_firmware
my_cloud_ex2_ultra_firmware
my_cloud_ex2100_firmware
my_cloud_ex4100
my_cloud_dl2100
my_cloud_dl4100_firmware
my_cloud_pr2100_firmware
my_cloud_pr4… 		Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-9951 2024-11-21 13:52 2019-04-25 Show GitHub Exploit DB Packet Storm