Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 1, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253111 10 危険 日立 - JP1/Cm2/Network Node Manager における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		- 2010-08-4 16:23 2010-07-12 Show GitHub Exploit DB Packet Storm
253112 5 警告 日立 - HiRDB におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		- 2010-08-4 16:23 2010-06-30 Show GitHub Exploit DB Packet Storm
253113 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0177 2010-08-4 15:25 2010-03-30 Show GitHub Exploit DB Packet Storm
253114 4.7 警告 オラクル - Oracle Solaris における TCP/IP の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-2394 2010-08-3 19:20 2010-07-13 Show GitHub Exploit DB Packet Storm
253115 4.9 警告 オラクル - Oracle Solaris における GigaSwift Ethernet ドライバの処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-2386 2010-08-3 19:20 2010-07-13 Show GitHub Exploit DB Packet Storm
253116 5.6 警告 オラクル - Oracle Solaris における ZFS の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-2392 2010-08-3 19:20 2010-07-13 Show GitHub Exploit DB Packet Storm
253117 6.2 警告 オラクル - Oracle Solaris における rdist の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2010-0916 2010-08-3 19:20 2010-07-13 Show GitHub Exploit DB Packet Storm
253118 7.5 危険 OpenBSD
FreeBSD
オラクル
NetBSD		 - 複数の製品の ftpd におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-4247 2010-08-3 19:19 2008-09-25 Show GitHub Exploit DB Packet Storm
253119 7.5 危険 ターボリナックス
MySQL AB		 - MySQL で使用される yaSSL における複数のスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-4484 2010-08-3 18:59 2009-12-30 Show GitHub Exploit DB Packet Storm
253120 2.1 注意 オラクル - Oracle Database Server の Export コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0901 2010-08-2 19:32 2010-07-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223061 6.5 MEDIUM
Network 		imagemagick
opensuse 		imagemagick
leap 		ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value. CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2019-13296 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223062 8.8 HIGH
Network 		imagemagick
debian
opensuse
canonical 		imagemagick
debian_linux
leap
ubuntu_linux 		ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled. CWE-125
Out-of-bounds Read 		CVE-2019-13295 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223063 9.8 CRITICAL
Network 		arox school-erp AROX School-ERP Pro has a command execution vulnerability. import_stud.php and upload_fille.php do not have session control. Therefore an unauthenticated user can execute a command on the system. CWE-287
CWE-434
Improper Authentication
 Unrestricted Upload of File with Dangerous Type  		CVE-2019-13294 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223064 9.8 CRITICAL
Network 		weberp weberp A SQL Injection issue was discovered in webERP 4.15. Payments.php accepts payment data in base64 format. After this is decoded, it is deserialized. Then, this deserialized data goes directly into a S… CWE-89
SQL Injection 		CVE-2019-13292 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223065 5.5 MEDIUM
Local 		glyphandcog xpdfreader In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops … CWE-125
Out-of-bounds Read 		CVE-2019-13291 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223066 7.8 HIGH
Local 		artifex mupdf Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs … CWE-787
 Out-of-bounds Write 		CVE-2019-13290 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223067 7.8 HIGH
Local 		glyphandcog xpdfreader In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdf… CWE-416
 Use After Free 		CVE-2019-13289 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223068 5.5 MEDIUM
Local 		glyphandcog xpdfreader In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646. CWE-674
 Uncontrolled Recursion 		CVE-2019-13288 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223069 5.5 MEDIUM
Local 		glyphandcog xpdfreader In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF … CWE-125
Out-of-bounds Read 		CVE-2019-13287 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm
223070 5.5 MEDIUM
Local 		glyphandcog
fedoraproject 		xpdfreader
fedora 		In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document… CWE-125
Out-of-bounds Read 		CVE-2019-13286 2024-11-21 13:24 2019-07-5 Show GitHub Exploit DB Packet Storm