Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251411	7.5	危険	Kerry Thompson drusus	-	Logsurfer および Logsurfer+ におけるメモリ二重解放の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3626	2012-02-1 16:24	2012-01-27	Show	GitHub Exploit DB Packet Storm

251412	5	警告	The Support Incident Tracker Project	-	Support Incident Tracker の translate.php における重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2011-5075	2012-02-1 16:20	2011-11-13	Show	GitHub Exploit DB Packet Storm

251413	6.8	警告	The Support Incident Tracker Project	-	Support Incident Tracker におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-5074	2012-02-1 16:18	2012-01-29	Show	GitHub Exploit DB Packet Storm

251414	5.8	警告	The Support Incident Tracker Project	-	Support Incident Tracker におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5073	2012-02-1 16:18	2012-01-29	Show	GitHub Exploit DB Packet Storm

251415	7.5	危険	The Support Incident Tracker Project	-	Support Incident Tracker における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-5072	2012-02-1 16:17	2012-01-29	Show	GitHub Exploit DB Packet Storm

251416	7.5	危険	The Support Incident Tracker Project	-	Support Incident Tracker における任意の PHP コードを実行可能な言語ファイルに挿入される脆弱性	CWE-94 コード・インジェクション	CVE-2011-4337	2012-02-1 16:17	2011-11-13	Show	GitHub Exploit DB Packet Storm

251417	7.5	危険	The Support Incident Tracker Project	-	Support Incident Tracker における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-5071	2012-02-1 16:16	2012-01-29	Show	GitHub Exploit DB Packet Storm

251418	4.3	警告	The Support Incident Tracker Project	-	Support Incident Tracker におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5070	2012-02-1 16:16	2012-01-29	Show	GitHub Exploit DB Packet Storm

251419	6	警告	The Support Incident Tracker Project	-	Support Incident Tracker の incident_attachments.php における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2011-5069	2012-02-1 16:15	2012-01-29	Show	GitHub Exploit DB Packet Storm

251420	6.8	警告	The Support Incident Tracker Project	-	Support Incident Tracker におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-5068	2012-02-1 16:11	2012-01-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223321	9.8	CRITICAL Network	raonwiz	dext5	Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex metho…	NVD-CWE-noinfo	CVE-2019-19168	2024-11-21 13:34	2020-05-6	Show	GitHub Exploit DB Packet Storm

223322	9.8	CRITICAL Network	tobesoft	nexacro	Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary code execution vulnerability by using method supported by Nexacro14 ActiveX Control. It allows attacker to cause remote code execut…	NVD-CWE-noinfo	CVE-2019-19167	2024-11-21 13:34	2020-05-6	Show	GitHub Exploit DB Packet Storm

223323	7.8	HIGH Local	tobesoft	xplatform	Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files. It allows attacker to cause remote code execution.	NVD-CWE-noinfo	CVE-2019-19166	2024-11-21 13:34	2020-05-6	Show	GitHub Exploit DB Packet Storm

223324	8.8	HIGH Network	intelbras	action_rf_1200_firmware	Intelbras RF1200 1.1.3 devices allow CSRF to bypass the login.html form, as demonstrated by launching a scrapy process.	CWE-352 Origin Validation Error	CVE-2019-19517	2024-11-21 13:34	2020-05-6	Show	GitHub Exploit DB Packet Storm

223325	6.1	MEDIUM Network	ayision	ays-wr01_firmware	Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in wireless settings.	CWE-79 Cross-site Scripting	CVE-2019-19515	2024-11-21 13:34	2020-05-6	Show	GitHub Exploit DB Packet Storm

223326	5.4	MEDIUM Network	ayision	ays-wr01_firmware	Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in basic repeater settings via an SSID.	CWE-79 Cross-site Scripting	CVE-2019-19514	2024-11-21 13:34	2020-05-6	Show	GitHub Exploit DB Packet Storm

223327	8.8	HIGH Network	bmcsoftware	control-m\/agent	BMC Control-M/Agent 7.0.00.000 allows OS Command Injection (issue 2 of 2).	CWE-78 OS Command	CVE-2019-19220	2024-11-21 13:34	2020-04-30	Show	GitHub Exploit DB Packet Storm

223328	7.5	HIGH Network	bmcsoftware	control-m\/agent	BMC Control-M/Agent 7.0.00.000 allows Arbitrary File Download.	NVD-CWE-noinfo	CVE-2019-19219	2024-11-21 13:34	2020-04-30	Show	GitHub Exploit DB Packet Storm

223329	7.5	HIGH Network	bmcsoftware	control-m\/agent	BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage.	CWE-522 CWE-732 Insufficiently Protected Credentials Incorrect Permission Assignment for Critical Resource	CVE-2019-19218	2024-11-21 13:34	2020-04-30	Show	GitHub Exploit DB Packet Storm

223330	8.8	HIGH Network	bmcsoftware	control-m\/agent	BMC Control-M/Agent 7.0.00.000 allows OS Command Injection.	CWE-78 OS Command	CVE-2019-19217	2024-11-21 13:34	2020-04-30	Show	GitHub Exploit DB Packet Storm