Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250621	4.6	警告	オラクル	-	Oracle Primavera Products Suite の Primavera P6 Enterprise Project Portfolio Management コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-3534	2012-03-27 18:42	2010-10-14	Show	GitHub Exploit DB Packet Storm

250622	5.5	警告	オラクル	-	Oracle PeopleSoft および JDEdwards Suite の PeopleSoft Enterprise SCM - Strategic Sourcing コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-3524	2012-03-27 18:42	2010-10-14	Show	GitHub Exploit DB Packet Storm

250623	5	警告	オラクル	-	Oracle PeopleSoft および JDEdwards Suite の PeopleSoft Enterprise PeopleTools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-3523	2012-03-27 18:42	2010-10-14	Show	GitHub Exploit DB Packet Storm

250624	4	警告	オラクル	-	Oracle PeopleSoft および JDEdwards Suite の PeopleSoft Enterprise PeopleTools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-3522	2012-03-27 18:42	2010-10-14	Show	GitHub Exploit DB Packet Storm

250625	5.5	警告	オラクル	-	Oracle PeopleSoft および JDEdwards Suite の PeopleSoft Enterprise HCM ePay コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-3521	2012-03-27 18:42	2010-10-13	Show	GitHub Exploit DB Packet Storm

250626	5.5	警告	オラクル	-	Oracle PeopleSoft および JDEdwards Suite の PeopleSoft Enterprise HCM - GP France コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-3520	2012-03-27 18:42	2010-10-13	Show	GitHub Exploit DB Packet Storm

250627	4	警告	オラクル	-	Oracle PeopleSoft および JDEdwards Suite の PeopleSoft Enterprise PeopleTools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-3519	2012-03-27 18:42	2010-10-13	Show	GitHub Exploit DB Packet Storm

250628	5.5	警告	オラクル	-	Oracle PeopleSoft および JDEdwards Suite の PeopleSoft Enterprise HCM GP - Japan コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-3518	2012-03-27 18:42	2010-10-13	Show	GitHub Exploit DB Packet Storm

250629	2.6	注意	オラクル	-	Oracle OpenSolaris における Tooltalk の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2010-3511	2012-03-27 18:42	2010-10-13	Show	GitHub Exploit DB Packet Storm

250630	5.5	警告	オラクル	-	Oracle PeopleSoft および JDEdwards Suite の PeopleSoft Enterprise SCM OM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-3533	2012-03-27 18:42	2010-10-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
209541	6.5	MEDIUM Network	indexhibit	indexhibit	An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files.	CWE-22 Path Traversal	CVE-2020-18127	2024-11-21 14:08	2021-08-31	Show	GitHub Exploit DB Packet Storm

209542	5.4	MEDIUM Network	indexhibit	indexhibit	Multiple stored cross-site scripting (XSS) vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML.	CWE-79 Cross-site Scripting	CVE-2020-18126	2024-11-21 14:08	2021-08-31	Show	GitHub Exploit DB Packet Storm

209543	6.1	MEDIUM Network	indexhibit	indexhibit	A reflected cross-site scripting (XSS) vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML.	CWE-79 Cross-site Scripting	CVE-2020-18125	2024-11-21 14:08	2021-08-31	Show	GitHub Exploit DB Packet Storm

209544	5.7	MEDIUM Network	indexhibit	indexhibit	A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords.	CWE-352 Origin Validation Error	CVE-2020-18124	2024-11-21 14:08	2021-08-31	Show	GitHub Exploit DB Packet Storm

209545	6.5	MEDIUM Network	indexhibit	indexhibit	A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily delete admin accounts.	CWE-352 Origin Validation Error	CVE-2020-18123	2024-11-21 14:08	2021-08-31	Show	GitHub Exploit DB Packet Storm

209546	8.8	HIGH Network	indexhibit	indexhibit	A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-18121	2024-11-21 14:08	2021-08-31	Show	GitHub Exploit DB Packet Storm

209547	8.8	HIGH Network	youdiancms	youdiancms	A lack of filtering for searched keywords in the search bar of YouDianCMS 8.0 allows attackers to perform SQL injection.	CWE-89 SQL Injection	CVE-2020-18116	2024-11-21 14:08	2021-08-28	Show	GitHub Exploit DB Packet Storm

209548	9.8	CRITICAL Network	dedecms	dedecms	An arbitrary file upload vulnerability in the /uploads/dede component of DedeCMS V5.7SP2 allows attackers to upload a webshell in HTM format.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-18114	2024-11-21 14:08	2021-08-28	Show	GitHub Exploit DB Packet Storm

209549	9.8	CRITICAL Network	wms_project	wms	The GET parameter "id" in WMS v1.0 is passed without filtering, which allows attackers to perform SQL injection.	CWE-89 SQL Injection	CVE-2020-18106	2024-11-21 14:08	2021-08-28	Show	GitHub Exploit DB Packet Storm

209550	6.1	MEDIUM Network	jupo	mezzanine	Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is different than …	CWE-79 Cross-site Scripting	CVE-2020-19002	2024-11-21 14:08	2021-08-28	Show	GitHub Exploit DB Packet Storm