Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252191	7.5	危険	アドビシステムズ	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-4371	2012-01-13 16:50	2012-01-10	Show	GitHub Exploit DB Packet Storm

252192	9.3	危険	マイクロソフト	-	Microsoft Windows のカーネルにおける SafeSEH セキュリティ機能を回避される脆弱性	CWE-DesignError	CVE-2012-0001	2012-01-13 16:16	2012-01-10	Show	GitHub Exploit DB Packet Storm

252193	9.3	危険	マイクロソフト	-	Microsoft Windows の winmm.dll における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2012-0003	2012-01-13 16:10	2012-01-10	Show	GitHub Exploit DB Packet Storm

252194	9.3	危険	マイクロソフト	-	Microsoft Windows の DirectShow における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2012-0004	2012-01-13 16:07	2012-01-10	Show	GitHub Exploit DB Packet Storm

252195	4.3	警告	Cogent Real-Time Systems Inc.	-	Cogent DataHub におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0309	2012-01-13 15:59	2012-01-11	Show	GitHub Exploit DB Packet Storm

252196	4.3	警告	マイクロソフト	-	Microsoft Anti-Cross Site Scripting Library におけるクロスサイトスクリプティング攻撃の脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0007	2012-01-13 15:51	2012-01-10	Show	GitHub Exploit DB Packet Storm

252197	4.3	警告	Cogent Real-Time Systems Inc.	-	Cogent DataHub における HTTP ヘッダインジェクションの脆弱性	CWE-20 不適切な入力確認	CVE-2012-0310	2012-01-13 15:48	2012-01-11	Show	GitHub Exploit DB Packet Storm

252198	9.3	危険	マイクロソフト	-	複数の Microsoft Windows 製品の Windows Packager 設定における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2012-0013	2012-01-13 15:45	2012-01-10	Show	GitHub Exploit DB Packet Storm

252199	10	危険	Final Draft	-	Final Draft におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-5059	2012-01-12 15:54	2012-01-10	Show	GitHub Exploit DB Packet Storm

252200	6.4	警告	3S-Smart Software Solutions	-	3S CoDeSys における任意のディレクトリを作成される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-5058	2012-01-12 15:53	2012-01-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
224861	6.6	MEDIUM Network	open-xchange	open-xchange_appsuite	OX App Suite through 7.10.2 has Incorrect Access Control.	CWE-276 Incorrect Default Permissions	CVE-2019-16716	2024-11-21 13:31	2020-01-7	Show	GitHub Exploit DB Packet Storm

224862	8.8	HIGH Network	tiny_file_manager_project	tiny_file_manager	In Tiny File Manager before 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2019-16790	2024-11-21 13:31	2019-12-31	Show	GitHub Exploit DB Packet Storm

224863	7.8	HIGH Local	k7computing	k7_ultimate_security	In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link…	CWE-59 Link Following	CVE-2019-16896	2024-11-21 13:31	2019-12-28	Show	GitHub Exploit DB Packet Storm

224864	5.4	MEDIUM Network	wordpress debian	wordpress debian_linux	In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admi…	CWE-79 Cross-site Scripting	CVE-2019-16781	2024-11-21 13:31	2019-12-27	Show	GitHub Exploit DB Packet Storm

224865	8.2	HIGH Network	agendaless oracle debian fedoraproject redhat	waitress communications_cloud_native_core_network_function_cloud_native_environment debian_linux fedora openstack	In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress lead…	CWE-444 HTTP Request Smuggling	CVE-2019-16789	2024-11-21 13:31	2019-12-27	Show	GitHub Exploit DB Packet Storm

224866	5.4	MEDIUM Network	wordpress debian	wordpress debian_linux	WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an a…	CWE-79 Cross-site Scripting	CVE-2019-16780	2024-11-21 13:31	2019-12-27	Show	GitHub Exploit DB Packet Storm

224867	7.5	HIGH Network	agendaless oracle debian fedoraproject redhat	waitress communications_cloud_native_core_network_function_cloud_native_environment debian_linux fedora openstack	Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header …	CWE-444 HTTP Request Smuggling	CVE-2019-16786	2024-11-21 13:31	2019-12-21	Show	GitHub Exploit DB Packet Storm

224868	7.5	HIGH Network	agendaless oracle debian fedoraproject redhat	waitress communications_cloud_native_core_network_function_cloud_native_environment debian_linux fedora openstack	Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize…	CWE-444 HTTP Request Smuggling	CVE-2019-16785	2024-11-21 13:31	2019-12-21	Show	GitHub Exploit DB Packet Storm

224869	9.8	CRITICAL Network	beckhoff	twincat	Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol.	CWE-290 Authentication Bypass by Spoofing	CVE-2019-16871	2024-11-21 13:31	2019-12-20	Show	GitHub Exploit DB Packet Storm

224870	5.9	MEDIUM Network	rack_project fedoraproject opensuse	rack fedora leap	There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack session…	CWE-203 Information Exposure Through Discrepancy	CVE-2019-16782	2024-11-21 13:31	2019-12-19	Show	GitHub Exploit DB Packet Storm