Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251901 4.3 警告 Tomatosoft - TomatoSoft Free Mp3 Player におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-5043 2012-01-5 16:12 2011-12-30 Show GitHub Exploit DB Packet Storm
251902 4.3 警告 gphemsley - SASHA の inc/lib/lib.base.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5042 2012-01-5 16:11 2011-12-30 Show GitHub Exploit DB Packet Storm
251903 4.3 警告 PulseCMS - Pulse Pro CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5041 2012-01-5 16:10 2011-12-30 Show GitHub Exploit DB Packet Storm
251904 4.3 警告 Infoproject - Infoproject Biznis Heroj におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5040 2012-01-5 14:27 2011-12-30 Show GitHub Exploit DB Packet Storm
251905 7.5 危険 Infoproject - Infoproject Biznis Heroj における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5039 2012-01-5 14:26 2011-12-30 Show GitHub Exploit DB Packet Storm
251906 7.5 危険 hitCode - hitCode hitAppoint における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5038 2012-01-5 14:24 2011-12-30 Show GitHub Exploit DB Packet Storm
251907 4.4 警告 ConfigServer - ConfigServer Security & Firewall におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5033 2012-01-5 14:21 2011-12-10 Show GitHub Exploit DB Packet Storm
251908 4.9 警告 WinMount - WinMount の WMDrive.sys におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2011-5032 2012-01-5 14:20 2011-12-29 Show GitHub Exploit DB Packet Storm
251909 7.5 危険 Shilpi Computers Limited. - cApexWEB の servlet/capexweb.parentvalidatepassword における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5031 2012-01-5 14:19 2011-12-29 Show GitHub Exploit DB Packet Storm
251910 3.5 注意 valthebald - Drupal 用 Meta tags quick モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5030 2012-01-5 14:18 2011-12-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
222201 7.5 HIGH
Network 		kind-of_project kind-of ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by 'constructor': {'name':'Symbol'}. Hence, a crafte… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2019-20149 2024-11-21 13:38 2019-12-31 Show GitHub Exploit DB Packet Storm
222202 6.1 MEDIUM
Network 		laborator neon An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter. CWE-79
Cross-site Scripting 		CVE-2019-20141 2024-11-21 13:38 2019-12-31 Show GitHub Exploit DB Packet Storm
222203 5.4 MEDIUM
Network 		nagios nagios_xi In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgroup, or servicegroup parameter, or the schedulereport.php hour or frequency parameter. Any authenticated user can attack the admin … CWE-79
Cross-site Scripting 		CVE-2019-20139 2024-11-21 13:38 2019-12-31 Show GitHub Exploit DB Packet Storm
222204 7.5 HIGH
Network 		http_authentication_library_project http_authentication_library The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's crypto_pwhash_str is not used. CWE-327
CWE-916
 Use of a Broken or Risky Cryptographic Algorithm
 Use of Password Hash With Insufficient Computational Effort 		CVE-2019-20138 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
222205 5.5 MEDIUM
Local 		linux
debian
canonical 		linux_kernel
debian_linux
ubuntu_linux 		In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2019-20096 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
222206 5.5 MEDIUM
Local 		linux
opensuse
netapp 		linux_kernel
leap
cloud_backup
steelstore_cloud_integrated_storage
data_availability_services
solidfire
hci_management_node
active_iq_unified_manager
e-series_santricity_os_co… 		mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2019-20095 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
222207 5.5 MEDIUM
Local 		podofo_project
fedoraproject 		podofo
fedora 		The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtrac… CWE-476
 NULL Pointer Dereference 		CVE-2019-20093 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
222208 5.5 MEDIUM
Local 		axiosys bento4 An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp. CWE-476
 NULL Pointer Dereference 		CVE-2019-20092 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
222209 5.5 MEDIUM
Local 		axiosys bento4 An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap… CWE-476
 NULL Pointer Dereference 		CVE-2019-20091 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm
222210 7.8 HIGH
Local 		axiosys bento4 An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp. CWE-416
 Use After Free 		CVE-2019-20090 2024-11-21 13:38 2019-12-30 Show GitHub Exploit DB Packet Storm