Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253331	-	-	コンソナ	-	Consona (旧 SupportSoft) Intelligent Assistance Suite (IAS) に複数の脆弱性	-	-	2010-06-4 17:58	2010-05-13	Show	GitHub Exploit DB Packet Storm

253332	7.5	危険	アップル VMware サン・マイクロシステムズヒューレット・パッカードレッドハット	-	JDK および JRE の Java プラグインにおける古い JRE バージョンで動作可能な脆弱性	CWE-DesignError	CVE-2009-1105	2010-06-4 15:54	2009-03-24	Show	GitHub Exploit DB Packet Storm

253333	10	危険	日立	-	Collaboration - Common Utility におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	-	2010-06-3 15:19	2010-05-12	Show	GitHub Exploit DB Packet Storm

253334	10	危険	日立 CA Technologies	-	CA ARCserve Backup および BrightStor ARCserve Backup における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	-	2010-06-3 15:19	2010-03-18	Show	GitHub Exploit DB Packet Storm

253335	6.4	警告	サイバートラスト株式会社 MySQL AB ターボリナックスレッドハット	-	MySQL における SSL サーバになりすまされる脆弱性	CWE-20 不適切な入力確認	CVE-2009-4028	2010-06-3 14:57	2009-11-4	Show	GitHub Exploit DB Packet Storm

253336	4	警告	富士通九州システムズ	-	e-Pares におけるセッション固定の脆弱性	CWE-Other その他	CVE-2010-2149	2010-06-2 15:05	2010-06-2	Show	GitHub Exploit DB Packet Storm

253337	2.6	注意	富士通九州システムズ	-	e-Pares におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-2151	2010-06-2 15:04	2010-06-2	Show	GitHub Exploit DB Packet Storm

253338	4.3	警告	富士通九州システムズ	-	e-Pares におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2150	2010-06-2 15:02	2010-06-2	Show	GitHub Exploit DB Packet Storm

253339	2.1	注意	アドビシステムズ	-	Adobe ColdFusion における重要な情報を取得される脆弱性	CWE-200 CWE-noinfo	CVE-2010-1294	2010-06-2 12:14	2010-05-11	Show	GitHub Exploit DB Packet Storm

253340	4.3	警告	アドビシステムズ	-	Adobe ColdFusion の Administrator ページにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1293	2010-06-2 12:14	2010-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
223001	9.8	CRITICAL Network	matrixssl	matrixssl	MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling.	CWE-125 Out-of-bounds Read	CVE-2019-13470	2024-11-21 13:24	2019-07-10	Show	GitHub Exploit DB Packet Storm

223002	6.1	MEDIUM Network	keynto	team_password_manager	KEYNTO Team Password Manager 1.5.0 allows XSS because data saved from websites is mishandled in the online vault.	CWE-79 Cross-site Scripting	CVE-2019-13380	2024-11-21 13:24	2019-07-10	Show	GitHub Exploit DB Packet Storm

223003	7.5	HIGH Network	trendnet	tew-827dru_firmware	TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows an unauthenticated attacker to execute setup wizard functionality, giving this attacker the ability to change configuration values…	NVD-CWE-noinfo	CVE-2019-13277	2024-11-21 13:24	2019-07-10	Show	GitHub Exploit DB Packet Storm

223004	7.5	HIGH Network	weseek	growi	In WESEEK GROWI before 3.5.0, a remote attacker can obtain the password hash of the creator of a page by leveraging wiki access to make API calls for page metadata. In other words, the password hash …	CWE-306 Missing Authentication for Critical Function	CVE-2019-13338	2024-11-21 13:24	2019-07-10	Show	GitHub Exploit DB Packet Storm

223005	7.5	HIGH Network	weseek	growi	In WESEEK GROWI before 3.5.0, the site-wide basic authentication can be bypassed by adding a URL parameter access_token (this is the parameter used by the API). No valid token is required since it is…	CWE-639 CWE-863 Authorization Bypass Through User-Controlled Key Incorrect Authorization	CVE-2019-13337	2024-11-21 13:24	2019-07-10	Show	GitHub Exploit DB Packet Storm

223006	7.5	HIGH Network	modsecurity	owasp_modsecurity_core_rule_set	An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2. Use of X.Filename instead of X_Filename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots int…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2019-13464	2024-11-21 13:24	2019-07-10	Show	GitHub Exploit DB Packet Storm

223007	8.8	HIGH Network	trendnet	tew-827dru_firmware	TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains a stack-based buffer overflow while returning an error message to the user about failure to resolve a hostname during a ping or …	CWE-787 Out-of-bounds Write	CVE-2019-13280	2024-11-21 13:24	2019-07-10	Show	GitHub Exploit DB Packet Storm

223008	5.4	MEDIUM Network	cyberpowersystems	powerpanel	A stored XSS vulnerability in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows a privileged attacker to embed malicious JavaScript in the SNMP trap receivers form. Up…	CWE-79 Cross-site Scripting	CVE-2019-13070	2024-11-21 13:24	2019-07-10	Show	GitHub Exploit DB Packet Storm

223009	7.5	HIGH Network	prestashop	prestashop	In PrestaShop before 1.7.6.0 RC2, the id_address_delivery and id_address_invoice parameters are affected by an Insecure Direct Object Reference vulnerability due to a guessable value sent to the web …	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2019-13461	2024-11-21 13:24	2019-07-10	Show	GitHub Exploit DB Packet Storm

223010	5.3	MEDIUM Network	field_test_project	field_test	The field_test gem 0.3.0 for Ruby has unvalidated input. A method call that is expected to return a value from a certain set of inputs can be made to return any input, which can be dangerous dependin…	CWE-74 Injection	CVE-2019-13146	2024-11-21 13:24	2019-07-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed