Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252541 4.3 警告 Cogent Real-Time Systems Inc. - Cogent DataHub におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0309 2012-01-13 15:59 2012-01-11 Show GitHub Exploit DB Packet Storm
252542 4.3 警告 マイクロソフト - Microsoft Anti-Cross Site Scripting Library におけるクロスサイトスクリプティング攻撃の脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0007 2012-01-13 15:51 2012-01-10 Show GitHub Exploit DB Packet Storm
252543 4.3 警告 Cogent Real-Time Systems Inc. - Cogent DataHub における HTTP ヘッダインジェクションの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0310 2012-01-13 15:48 2012-01-11 Show GitHub Exploit DB Packet Storm
252544 9.3 危険 マイクロソフト - 複数の Microsoft Windows 製品の Windows Packager 設定における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2012-0013 2012-01-13 15:45 2012-01-10 Show GitHub Exploit DB Packet Storm
252545 10 危険 Final Draft - Final Draft におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-5059 2012-01-12 15:54 2012-01-10 Show GitHub Exploit DB Packet Storm
252546 6.4 警告 3S-Smart Software Solutions - 3S CoDeSys における任意のディレクトリを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5058 2012-01-12 15:53 2012-01-10 Show GitHub Exploit DB Packet Storm
252547 7.8 危険 ヒューレット・パッカード - 複数の HP 製品の HP-ChaiSOE Web サーバにおけるディレクトリトラバーサルの脆弱性 CWE-200
情報漏えい 		CVE-2011-4785 2012-01-11 16:11 2012-01-9 Show GitHub Exploit DB Packet Storm
252548 5 警告 Apache Software Foundation - Apache Struts におけるランタイムデータの値を変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5057 2012-01-11 15:17 2012-01-8 Show GitHub Exploit DB Packet Storm
252549 9.3 危険 Apache Software Foundation - Apache Struts における任意のコマンドを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0392 2012-01-11 15:11 2012-01-8 Show GitHub Exploit DB Packet Storm
252550 9.3 危険 Apache Software Foundation - Apache Struts における任意の Java コードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0391 2012-01-11 14:57 2012-01-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221241 7.2 HIGH
Network 		kentico kentico Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password by navigating to the SMTP configuration page. NOTE: the vendor considers this a best-practice violation but not a vul… CWE-522
 Insufficiently Protected Credentials 		CVE-2019-6242 2024-11-21 13:46 2019-02-8 Show GitHub Exploit DB Packet Storm
221242 9.8 CRITICAL
Network 		forcepoint user_id Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-6139 2024-11-21 13:46 2019-02-8 Show GitHub Exploit DB Packet Storm
221243 6.8 MEDIUM
Physics 		bd facslyric_ivd
facslyric 		BD FACSLyric Research Use Only, Windows 10 Professional Operating System, U.S. and Malaysian Releases, between November 2017 and November 2018 and BD FACSLyric IVD Windows 10 Professional Operating S… NVD-CWE-Other
CVE-2019-6517 2024-11-21 13:46 2019-02-7 Show GitHub Exploit DB Packet Storm
221244 6.1 MEDIUM
Network 		broadcom automic_workload_automation Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attac… CWE-79
Cross-site Scripting 		CVE-2019-6504 2024-11-21 13:46 2019-02-6 Show GitHub Exploit DB Packet Storm
221245 9.8 CRITICAL
Network 		advantech webaccess\/scada WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands. CWE-89
SQL Injection 		CVE-2019-6523 2024-11-21 13:46 2019-02-6 Show GitHub Exploit DB Packet Storm
221246 8.6 HIGH
Network 		advantech webaccess\/scada WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an attacker to obtain and manipulate sensitive information. CWE-287
Improper Authentication 		CVE-2019-6521 2024-11-21 13:46 2019-02-6 Show GitHub Exploit DB Packet Storm
221247 9.8 CRITICAL
Network 		advantech webaccess\/scada WebAccess/SCADA, Version 8.3. An improper authentication vulnerability exists that could allow a possible authentication bypass allowing an attacker to upload malicious data. CWE-287
Improper Authentication 		CVE-2019-6519 2024-11-21 13:46 2019-02-6 Show GitHub Exploit DB Packet Storm
221248 5.9 MEDIUM
Network 		f5 big-ip_local_traffic_manager On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic. NVD-CWE-noinfo
CVE-2019-6590 2024-11-21 13:46 2019-02-6 Show GitHub Exploit DB Packet Storm
221249 7.5 HIGH
Network 		mitsubishielectric q03udvcpu_firmware
q04udvcpu_firmware
q06udvcpu_firmware
q13udvcpu_firmware
q26udvcpu_firmware
q04udpvcpu_firmware
q06udpvcpu_firmware
q13udpvcpu_firmware
q26udpvcpu_firmware<… 		Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and … CWE-400
 Uncontrolled Resource Consumption 		CVE-2019-6535 2024-11-21 13:46 2019-02-6 Show GitHub Exploit DB Packet Storm
221250 5.4 MEDIUM
Network 		f5 big-ip_access_policy_manager On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when … CWE-79
Cross-site Scripting 		CVE-2019-6591 2024-11-21 13:46 2019-02-6 Show GitHub Exploit DB Packet Storm