Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252241	4.3	警告	マイクロソフト	-	ASP.NET におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2011-06-15 14:16	2011-06-15	Show	GitHub Exploit DB Packet Storm

252242	4.3	警告	マイクロソフト	-	Internet Explorer におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2011-06-15 14:16	2011-06-15	Show	GitHub Exploit DB Packet Storm

252243	4.3	警告	マイクロソフト	-	Microsoft 製 MSXML における HTTP リクエスト処理に関する脆弱性	CWE-Other その他	-	2011-06-15 14:15	2011-06-15	Show	GitHub Exploit DB Packet Storm

252244	5.8	警告	マイクロソフト	-	Internet Explorer におけるクリップボードの操作に関する脆弱性	CWE-Other その他	-	2011-06-15 14:15	2011-06-15	Show	GitHub Exploit DB Packet Storm

252245	5	警告	マイクロソフト	-	Windows の VBScript 実装における情報漏えいの脆弱性	CWE-264 認可・権限・アクセス制御	-	2011-06-15 14:14	2011-06-15	Show	GitHub Exploit DB Packet Storm

252246	3.5	注意	IBM	-	IBM DB2 における SYSSTAT.TABLES 統計コラムを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1847	2011-06-15 09:54	2011-04-26	Show	GitHub Exploit DB Packet Storm

252247	3.3	注意	シスコシステムズ	-	Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-2056	2011-06-15 09:50	2009-08-18	Show	GitHub Exploit DB Packet Storm

252248	4.3	警告	シスコシステムズ	-	Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-2055	2011-06-15 09:50	2009-08-18	Show	GitHub Exploit DB Packet Storm

252249	7.8	危険	シスコシステムズ	-	Cisco Unified Communications Manager におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-2054	2011-06-15 09:49	2009-08-26	Show	GitHub Exploit DB Packet Storm

252250	7.8	危険	シスコシステムズ	-	Cisco Unified Communications Manager におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-2053	2011-06-15 09:49	2009-08-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222541	7.8	HIGH Local	bmc	patrol_agent	An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the best1collect.exe SUID binary could allow an attacker to elevate his/her privileges to the ones of the "patrol" u…	CWE-276 Incorrect Default Permissions	CVE-2019-17043	2024-11-21 13:31	2019-10-15	Show	GitHub Exploit DB Packet Storm

222542	6.1	MEDIUM Network	genesys	eservices_chat	Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp (ActionColor, ClientNickNameColor, Email, email, or email_address parameter).	CWE-79 Cross-site Scripting	CVE-2019-17176	2024-11-21 13:31	2019-10-12	Show	GitHub Exploit DB Packet Storm

222543	9.8	CRITICAL Network	connect2id apache oracle	nimbus_jose\+jwt hadoop solaris_cluster weblogic_server peoplesoft_enterprise_peopletools enterprise_manager_base_platform primavera_gateway data_integrator communications_pri…	Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authenti…	CWE-755 Improper Handling of Exceptional Conditions	CVE-2019-17195	2024-11-21 13:31	2019-10-15	Show	GitHub Exploit DB Packet Storm

222544	9.8	CRITICAL Network	sophos	cyberoamos	A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consol…	CWE-78 OS Command	CVE-2019-17059	2024-11-21 13:31	2019-10-12	Show	GitHub Exploit DB Packet Storm

222545	9.8	CRITICAL Network	awplife	contact_form_widget	The new-contact-form-widget (aka Contact Form Widget - Contact Query, Form Maker) plugin 1.0.9 for WordPress has SQL Injection via all-query-page.php.	CWE-89 SQL Injection	CVE-2019-17072	2024-11-21 13:31	2019-10-10	Show	GitHub Exploit DB Packet Storm

222546	6.1	MEDIUM Network	realbigplugins	client_dash	The client-dash (aka Client Dash) plugin 2.1.4 for WordPress allows XSS.	CWE-79 Cross-site Scripting	CVE-2019-17071	2024-11-21 13:31	2019-10-10	Show	GitHub Exploit DB Packet Storm

222547	6.1	MEDIUM Network	lqd	liquid_speech_balloon	The liquid-speech-balloon (aka LIQUID SPEECH BALLOON) plugin before 1.0.7 for WordPress allows XSS with Internet Explorer.	CWE-79 Cross-site Scripting	CVE-2019-17070	2024-11-21 13:31	2019-10-10	Show	GitHub Exploit DB Packet Storm

222548	6.5	MEDIUM Network	koji_project	koji	Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation.	CWE-22 Path Traversal	CVE-2019-17109	2024-11-21 13:31	2019-10-10	Show	GitHub Exploit DB Packet Storm

222549	4.3	MEDIUM Network	zohocorp	manageengine_datasecurity_plus	An issue was discovered in Zoho ManageEngine DataSecurity Plus before 5.0.1 5012. An exposed service allows a basic user ("Operator" access level) to access the configuration file of the mail server …	CWE-552 Files or Directories Accessible to External Parties	CVE-2019-17112	2024-11-21 13:31	2019-10-10	Show	GitHub Exploit DB Packet Storm

222550	7.8	HIGH Local	openbsd netapp siemens	openssh cloud_backup steelstore_cloud_integrated_storage scalance_x204rna_firmware scalance_x204rna_ecc_firmware	OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This …	CWE-190 Integer Overflow or Wraparound	CVE-2019-16905	2024-11-21 13:31	2019-10-10	Show	GitHub Exploit DB Packet Storm