Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252741 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4852 2011-12-20 14:38 2011-12-16 Show GitHub Exploit DB Packet Storm
252742 9.3 危険 Parallels - Parallels Plesk Panel の Control Panel における認証を回避される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-4851 2011-12-20 14:13 2011-12-16 Show GitHub Exploit DB Packet Storm
252743 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4850 2011-12-20 14:12 2011-12-16 Show GitHub Exploit DB Packet Storm
252744 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における Cookie をキャプチャされる脆弱性 CWE-200
情報漏えい 		CVE-2011-4849 2011-12-20 14:11 2011-12-16 Show GitHub Exploit DB Packet Storm
252745 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4848 2011-12-20 14:10 2011-12-16 Show GitHub Exploit DB Packet Storm
252746 7.5 危険 Parallels - Parallels Plesk Panel の Control Panel における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4847 2011-12-20 12:23 2011-12-16 Show GitHub Exploit DB Packet Storm
252747 4.3 警告 Parallels - Parallels Plesk Panel の Site Editor 機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4777 2011-12-20 12:23 2011-12-16 Show GitHub Exploit DB Packet Storm
252748 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4776 2011-12-20 12:22 2011-12-16 Show GitHub Exploit DB Packet Storm
252749 10 危険 Parallels - Parallels Plesk Small Business Panel の Site Editor 機能における詳細不明な脆弱性 CWE-DesignError
CVE-2011-4768 2011-12-20 12:21 2011-12-16 Show GitHub Exploit DB Packet Storm
252750 5 警告 Parallels - Parallels Plesk Small Business Panel の Site Editor 機能における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4767 2011-12-20 12:21 2011-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221191 5.3 MEDIUM
Network 		gitlab gitlab An improper access control vulnerability exists in Gitlab EE <v12.3.3, <v12.2.7, & <v12.1.13 that allowed the group search feature with Elasticsearch to return private code, merge requests and commit… NVD-CWE-Other
CVE-2019-5487 2024-11-21 13:45 2019-12-19 Show GitHub Exploit DB Packet Storm
221192 8.8 HIGH
Network 		gitlab gitlab A authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed… CWE-287
Improper Authentication 		CVE-2019-5486 2024-11-21 13:45 2019-12-19 Show GitHub Exploit DB Packet Storm
221193 7.5 HIGH
Network 		xmlsoft
debian 		libxslt
debian_linux 		Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data. CWE-787
CWE-843
 Out-of-bounds Write
Type Confusion 		CVE-2019-5815 2024-11-21 13:45 2019-12-11 Show GitHub Exploit DB Packet Storm
221194 8.8 HIGH
Network 		google chrome Out of bounds memory access in JavaScript in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CWE-787
 Out-of-bounds Write 		CVE-2019-5843 2024-11-21 13:45 2019-12-11 Show GitHub Exploit DB Packet Storm
221195 8.8 HIGH
Network 		google chrome Out of bounds memory access in JavaScript in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CWE-787
 Out-of-bounds Write 		CVE-2019-5841 2024-11-21 13:45 2019-12-11 Show GitHub Exploit DB Packet Storm
221196 9.8 CRITICAL
Network 		vmware
redhat
openslp
fedoraproject 		esxi
horizon_daas
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
enterprise_linux_server_tu… 		OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base sco… CWE-787
 Out-of-bounds Write 		CVE-2019-5544 2024-11-21 13:45 2019-12-7 Show GitHub Exploit DB Packet Storm
221197 6.5 MEDIUM
Network 		google chrome Use after free in IndexedDB in Google Chrome prior to 73.0.3683.86 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CWE-787
CWE-416
 Out-of-bounds Write
 Use After Free 		CVE-2019-5826 2024-11-21 13:45 2019-11-26 Show GitHub Exploit DB Packet Storm
221198 6.5 MEDIUM
Network 		google chrome Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CWE-787
 Out-of-bounds Write 		CVE-2019-5825 2024-11-21 13:45 2019-11-26 Show GitHub Exploit DB Packet Storm
221199 8.1 HIGH
Network 		google chrome Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CWE-125
Out-of-bounds Read 		CVE-2019-5881 2024-11-21 13:45 2019-11-26 Show GitHub Exploit DB Packet Storm
221200 7.4 HIGH
Network 		google chrome Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CWE-200
Information Exposure 		CVE-2019-5880 2024-11-21 13:45 2019-11-26 Show GitHub Exploit DB Packet Storm