Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253471	5	警告	The PHP Group サイバートラスト株式会社レッドハット	-	PHP のセッションシリアライザにおける任意のセッション変数に変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3065	2010-12-15 15:28	2010-05-31	Show	GitHub Exploit DB Packet Storm

253472	5	警告	日立	-	JP1/NETM 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	-	2010-12-15 15:27	2010-07-30	Show	GitHub Exploit DB Packet Storm

253473	5	警告	The PHP Group サイバートラスト株式会社ターボリナックスレッドハット	-	PHP におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-1917	2010-12-15 15:27	2010-05-11	Show	GitHub Exploit DB Packet Storm

253474	5	警告	The PHP Group アップルターボリナックスサイバートラスト株式会社レッドハット	-	PHP の xmlrpc 拡張におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2010-0397	2010-12-15 15:27	2010-03-16	Show	GitHub Exploit DB Packet Storm

253475	6.4	警告	The PHP Group サイバートラスト株式会社レッドハット	-	PHP の Linear Congruential Generator における値を推測される脆弱性	CWE-310 暗号の問題	CVE-2010-1128	2010-12-15 15:26	2010-03-26	Show	GitHub Exploit DB Packet Storm

253476	6.9	警告	GNU Project 日本電気ターボリナックスサイバートラスト株式会社レッドハット	-	GNU Libtool の libltdl における権限昇格の脆弱性	CWE-DesignError	CVE-2009-3736	2010-12-15 15:26	2009-11-16	Show	GitHub Exploit DB Packet Storm

253477	6.4	警告	アップル日本電気 Fetchmail Project	-	fetchmail における任意の SSL サーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2009-2666	2010-12-15 15:25	2009-08-6	Show	GitHub Exploit DB Packet Storm

253478	4.3	警告	アップル	-	Apple Safari の WebKit におけるロケーションバーの URL を偽装される脆弱性	CWE-Other その他	CVE-2010-3810	2010-12-15 14:42	2010-11-22	Show	GitHub Exploit DB Packet Storm

253479	9.3	危険	アップル	-	Apple Safari の WebKit における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-3809	2010-12-15 14:39	2010-11-22	Show	GitHub Exploit DB Packet Storm

253480	9.3	危険	アップル	-	Apple Safari の WebKit における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-3808	2010-12-15 14:37	2010-11-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
224531	9.8	CRITICAL Network	yourls	yourls	YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass.	CWE-843 Type Confusion	CVE-2019-14537	2024-11-21 13:26	2019-08-8	Show	GitHub Exploit DB Packet Storm

224532	8.8	HIGH Network	loom	loom	Incorrect authentication of application WebSocket connections in Loom Desktop for Mac up to 0.16.0 allows remote code execution from either malicious JavaScript in a browser or hosts on the same netw…	CWE-287 Improper Authentication	CVE-2019-14432	2024-11-21 13:26	2019-08-8	Show	GitHub Exploit DB Packet Storm

224533	8.8	HIGH Network	eq-3	ccu2_firmware ccu3_firmware	eQ-3 Homematic CCU2 and CCU3 use session IDs for authentication but lack authorization checks. Consequently, a valid guest level or user level account can create a new admin level account, read the s…	CWE-862 Missing Authorization	CVE-2019-14473	2024-11-21 13:26	2019-08-7	Show	GitHub Exploit DB Packet Storm

224534	8.8	HIGH Network	schben	adive	Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unprivileged users (editor or developer) to create an administrator account via admin/user/add, as demonstrated by a Python PoC script.	CWE-425 Direct Request ('Forced Browsing')	CVE-2019-14347	2024-11-21 13:26	2019-08-7	Show	GitHub Exploit DB Packet Storm

224535	8.8	HIGH Network	schben	adive	Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password.	CWE-352 Origin Validation Error	CVE-2019-14346	2024-11-21 13:26	2019-08-7	Show	GitHub Exploit DB Packet Storm

224536	7.5	HIGH Network	eq-3	ccu2_firmware ccu3_firmware	eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in…	CWE-862 Missing Authorization	CVE-2019-14475	2024-11-21 13:26	2019-08-6	Show	GitHub Exploit DB Packet Storm

224537	5.4	MEDIUM Network	espocrm	espocrm	An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed when a victim clicks on the Edit Dashboard feature present on the Homepage. An attacker can load malicious JavaScript inside t…	CWE-79 Cross-site Scripting	CVE-2019-14550	2024-11-21 13:26	2019-08-6	Show	GitHub Exploit DB Packet Storm

224538	5.4	MEDIUM Network	espocrm	espocrm	An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed inside the title and breadcrumb of a newly formed entity available to all the users. A malicious user can inject JavaScript in…	CWE-79 Cross-site Scripting	CVE-2019-14549	2024-11-21 13:26	2019-08-6	Show	GitHub Exploit DB Packet Storm

224539	5.4	MEDIUM Network	espocrm	espocrm	An issue was discovered in EspoCRM before 5.6.9. Stored XSS in the body of an Article was executed when a victim opens articles received through mail. This Article can be formed by an attacker using …	CWE-79 Cross-site Scripting	CVE-2019-14548	2024-11-21 13:26	2019-08-6	Show	GitHub Exploit DB Packet Storm

224540	5.4	MEDIUM Network	espocrm	espocrm	An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed when a attacker sends an attachment to admin with malicious JavaScript in the filename. This JavaScript executed when an admin…	CWE-79 Cross-site Scripting	CVE-2019-14547	2024-11-21 13:26	2019-08-6	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed