Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 7, 2026, 2:09 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230301	7.5	危険	turnkey web tools	-	Turnkey Web Tools PHP Live Helper の global.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4051	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230302	2.1	注意	サン・マイクロシステムズ	-	Sun Ray Server Software のユーティリティ utxconfig における任意のファイルを上書きされる脆弱性	-	CVE-2006-4049	2012-12-20 18:02	2006-07-7	Show	GitHub Exploit DB Packet Storm

230303	7.5	危険	torbstoff	-	Torbstoff News の news.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4045	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230304	7.5	危険	pike	-	Pike における SQL インジェクションの脆弱性	-	CVE-2006-4041	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230305	7.5	危険	zonemetrics	-	ZoneMetrics ZoneX Publishers Gold Edition の includes/usercp_register.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4036	2012-12-20 18:02	2006-08-9	Show	GitHub Exploit DB Packet Storm

230306	10	危険	WordPress.org	-	WordPress における脆弱性	CWE-noinfo 情報不足	CVE-2006-4028	2012-12-20 18:02	2006-07-29	Show	GitHub Exploit DB Packet Storm

230307	7.5	危険	Red Graphic Systems	-	SAPID CMS における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-4026	2012-12-20 18:02	2006-08-8	Show	GitHub Exploit DB Packet Storm

230308	7.5	危険	xennobb	-	XennoBB の profile.php における SQL インジェクションの脆弱性	-	CVE-2006-4025	2012-12-20 18:02	2006-08-8	Show	GitHub Exploit DB Packet Storm

230309	2.6	注意	scatterchat	-	ScatterChat の cryptographic モジュールにおける大量のメッセージのパターンを特定される脆弱性	-	CVE-2006-4021	2012-12-20 18:02	2006-08-17	Show	GitHub Exploit DB Packet Storm

230310	4.3	警告	toenda software development	-	toendaCMS stable および unstable の /toendaCMS におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4016	2012-12-20 18:02	2006-08-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
212291	9.8	CRITICAL Network	jetbrains	intellij_idea	In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. …	CWE-312 CWE-522 Cleartext Storage of Sensitive Information Insufficiently Protected Credentials	CVE-2019-9873	2024-11-21 13:52	2019-07-4	Show	GitHub Exploit DB Packet Storm

212292	9.8	CRITICAL Network	jetbrains	intellij_idea	In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration fil…	CWE-312 CWE-522 Cleartext Storage of Sensitive Information Insufficiently Protected Credentials	CVE-2019-9823	2024-11-21 13:52	2019-07-4	Show	GitHub Exploit DB Packet Storm

212293	8.1	HIGH Network	jetbrains	intellij_idea	In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE …	CWE-312 CWE-522 Cleartext Storage of Sensitive Information Insufficiently Protected Credentials	CVE-2019-9872	2024-11-21 13:52	2019-07-4	Show	GitHub Exploit DB Packet Storm

212294	7.8	HIGH Local	symantec	endpoint_encryption	Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that ar…	NVD-CWE-noinfo	CVE-2019-9703	2024-11-21 13:52	2019-07-2	Show	GitHub Exploit DB Packet Storm

212295	7.8	HIGH Local	symantec	endpoint_encryption	Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that ar…	NVD-CWE-noinfo	CVE-2019-9702	2024-11-21 13:52	2019-07-2	Show	GitHub Exploit DB Packet Storm

212296	7.5	HIGH Network	diffplug	gradle maven	In DiffPlug Spotless before 1.20.0 (library and Maven plugin) and before 3.20.0 (Gradle plugin), the XML parser would resolve external entities over both HTTP and HTTPS and didn't respect the resolve…	CWE-611 XXE	CVE-2019-9843	2024-11-21 13:52	2019-06-29	Show	GitHub Exploit DB Packet Storm

212297	8.8	HIGH Network	rockoa	rockoa	RockOA 1.8.7 allows remote attackers to obtain sensitive information because the webmain/webmainAction.php publictreestore method constructs a SQL WHERE clause unsafely by using the pidfields and idf…	CWE-89 SQL Injection	CVE-2019-9846	2024-11-21 13:52	2019-06-29	Show	GitHub Exploit DB Packet Storm

212298	5.3	MEDIUM Network	amd opensuse	secure_encrypted_virtualization_firmware leap	Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic imp…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2019-9836	2024-11-21 13:52	2019-06-26	Show	GitHub Exploit DB Packet Storm

212299	8.8	HIGH Network	quadbase	espressreport_enterprise_server	CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to escalate privileges, or create new admin accounts by crafting a malicious web page that issues…	CWE-352 Origin Validation Error	CVE-2019-9958	2024-11-21 13:52	2019-06-25	Show	GitHub Exploit DB Packet Storm

212300	5.4	MEDIUM Network	quadbase	espressreport_es	Stored XSS within Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to execute malicious JavaScript and inject arbitrary source code into the target pages. The XSS payload is sto…	CWE-79 Cross-site Scripting	CVE-2019-9957	2024-11-21 13:52	2019-06-25	Show	GitHub Exploit DB Packet Storm