Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252351 7.5 危険 Mambo Foundation - Mambo CMS の administrator/index2.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-2917 2011-12-13 14:41 2011-12-8 Show GitHub Exploit DB Packet Storm
252352 6.8 警告 MIT Kerberos - MIT Kerberos の process_tgs_req 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1530 2011-12-13 14:40 2011-12-6 Show GitHub Exploit DB Packet Storm
252353 6.4 警告 BlackBerry - BlackBerry Administration API におけるテキストファイルを読まれる脆弱性 CWE-noinfo
情報不足 		CVE-2011-0287 2011-12-13 14:35 2011-07-12 Show GitHub Exploit DB Packet Storm
252354 6.4 警告 Widelands - Widelands におけるパストラバーサル攻撃を誘発される脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4675 2011-12-12 18:21 2011-12-5 Show GitHub Exploit DB Packet Storm
252355 5 警告 One Click Orgs - One Click Orgs のパスワードリセット機能におけるユーザアカウントを列挙される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4678 2011-12-12 18:19 2011-12-6 Show GitHub Exploit DB Packet Storm
252356 4 警告 One Click Orgs - One Click Orgs におけるサービス運用妨害 (ログイン障害) の脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4555 2011-12-12 18:18 2011-12-6 Show GitHub Exploit DB Packet Storm
252357 5.5 警告 One Click Orgs - One Click Orgs における巧妙に細工された SMTP トラフィックを誘発する脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4554 2011-12-12 18:15 2011-12-6 Show GitHub Exploit DB Packet Storm
252358 6.9 警告 Celery - Celery における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4356 2011-12-12 18:14 2011-12-5 Show GitHub Exploit DB Packet Storm
252359 7.5 危険 ヒューレット・パッカード - HP Protect Tools Device Access Manager における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2011-4162 2011-12-12 18:13 2011-12-1 Show GitHub Exploit DB Packet Storm
252360 10 危険 ヒューレット・パッカード - HP CM8060 Color MFP その他の製品のデフォルト設定における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4161 2011-12-12 18:10 2011-11-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
224851 7.8 HIGH
Local 		k7computing k7_ultimate_security In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link… CWE-59
Link Following 		CVE-2019-16896 2024-11-21 13:31 2019-12-28 Show GitHub Exploit DB Packet Storm
224852 5.4 MEDIUM
Network 		wordpress
debian 		wordpress
debian_linux 		In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admi… CWE-79
Cross-site Scripting 		CVE-2019-16781 2024-11-21 13:31 2019-12-27 Show GitHub Exploit DB Packet Storm
224853 8.2 HIGH
Network 		agendaless
oracle
debian
fedoraproject
redhat 		waitress
communications_cloud_native_core_network_function_cloud_native_environment
debian_linux
fedora
openstack 		In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress lead… CWE-444
HTTP Request Smuggling 		CVE-2019-16789 2024-11-21 13:31 2019-12-27 Show GitHub Exploit DB Packet Storm
224854 5.4 MEDIUM
Network 		wordpress
debian 		wordpress
debian_linux 		WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an a… CWE-79
Cross-site Scripting 		CVE-2019-16780 2024-11-21 13:31 2019-12-27 Show GitHub Exploit DB Packet Storm
224855 7.5 HIGH
Network 		agendaless
oracle
debian
fedoraproject
redhat 		waitress
communications_cloud_native_core_network_function_cloud_native_environment
debian_linux
fedora
openstack 		Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header … CWE-444
HTTP Request Smuggling 		CVE-2019-16786 2024-11-21 13:31 2019-12-21 Show GitHub Exploit DB Packet Storm
224856 7.5 HIGH
Network 		agendaless
oracle
debian
fedoraproject
redhat 		waitress
communications_cloud_native_core_network_function_cloud_native_environment
debian_linux
fedora
openstack 		Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize… CWE-444
HTTP Request Smuggling 		CVE-2019-16785 2024-11-21 13:31 2019-12-21 Show GitHub Exploit DB Packet Storm
224857 9.8 CRITICAL
Network 		beckhoff twincat Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol. CWE-290
 Authentication Bypass by Spoofing 		CVE-2019-16871 2024-11-21 13:31 2019-12-20 Show GitHub Exploit DB Packet Storm
224858 5.9 MEDIUM
Network 		rack_project
fedoraproject
opensuse 		rack
fedora
leap 		There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack session… CWE-203
 Information Exposure Through Discrepancy 		CVE-2019-16782 2024-11-21 13:31 2019-12-19 Show GitHub Exploit DB Packet Storm
224859 9.8 CRITICAL
Network 		google tensorflow In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case data_size and num_segments fields are truncated from in… CWE-681
 Incorrect Conversion between Numeric Types 		CVE-2019-16778 2024-11-21 13:31 2019-12-17 Show GitHub Exploit DB Packet Storm
224860 5.9 MEDIUM
Network 		excon_project
opensuse
debian 		excon
leap
backports_sle
debian_linux 		In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent req… CWE-362
Race Condition 		CVE-2019-16779 2024-11-21 13:31 2019-12-17 Show GitHub Exploit DB Packet Storm