Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254151	4.3	警告	シマンテック	-	Symantec Norton Mobile Security for Android における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-0113	2011-02-21 14:55	2010-11-15	Show	GitHub Exploit DB Packet Storm

254152	4.3	警告	Google	-	Android の Dalvik API におけるサービス運用妨害 (DoS) 脆弱性	CWE-noinfo 情報不足	CVE-2009-3698	2011-02-21 14:54	2009-10-14	Show	GitHub Exploit DB Packet Storm

254153	5	警告	CollabNet, Inc.	-	CollabNet ScrumWorks Basic Server における認証情報取り扱いに関する問題	CWE-310 暗号の問題	CVE-2011-0410	2011-02-21 14:54	2011-01-24	Show	GitHub Exploit DB Packet Storm

254154	5	警告	The PHP Group レッドハット	-	Libmbfl の mb_strcut 関数における重要な情報を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2010-4156	2011-02-18 15:07	2010-11-10	Show	GitHub Exploit DB Packet Storm

254155	6.8	警告	The PHP Group サイバートラスト株式会社レッドハット	-	PHP の xml_utf8_decode 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-5016	2011-02-18 15:03	2010-11-12	Show	GitHub Exploit DB Packet Storm

254156	6.8	警告	The PHP Group	-	PHP の set_magic_quotes_runtime 関数における SQL インジェクション攻撃を誘導される脆弱性	CWE-89 SQLインジェクション	CVE-2010-4700	2011-02-18 14:42	2010-07-1	Show	GitHub Exploit DB Packet Storm

254157	7.5	危険	The PHP Group	-	PHP の iconv_mime_decode_headers 関数におけるスパムの検出を回避される脆弱性	CWE-189 数値処理の問題	CVE-2010-4699	2011-02-18 14:40	2010-09-28	Show	GitHub Exploit DB Packet Storm

254158	5	警告	The PHP Group	-	PHP の GD 拡張モジュールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4698	2011-02-18 14:38	2010-12-7	Show	GitHub Exploit DB Packet Storm

254159	6.8	警告	The PHP Group	-	PHP の Zend Engine におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4697	2011-02-18 14:35	2010-09-18	Show	GitHub Exploit DB Packet Storm

254160	1	注意	サン・マイクロシステムズ	-	Oracle Sun Java System Portal Server のプロキシにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-4431	2011-02-18 14:30	2011-01-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221491	5.3	MEDIUM Network	atlassian	jira_server jira_data_center	The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to determine if a Jira project key exists or not via an information disclosure vulnerability.	NVD-CWE-noinfo	CVE-2019-20403	2024-11-21 13:38	2020-02-6	Show	GitHub Exploit DB Packet Storm

221492	4.9	MEDIUM Network	atlassian	jira jira_software_data_center	Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without requiring the user to re-enter their password via an imprope…	NVD-CWE-noinfo	CVE-2019-20402	2024-11-21 13:38	2020-02-6	Show	GitHub Exploit DB Packet Storm

221493	6.5	MEDIUM Network	atlassian	jira_server	Various installation setup resources in Jira before version 8.5.2 allow remote attackers to configure a Jira instance, which has not yet finished being installed, via Cross-site request forgery (CSRF…	CWE-352 Origin Validation Error	CVE-2019-20401	2024-11-21 13:38	2020-02-6	Show	GitHub Exploit DB Packet Storm

221494	7.8	HIGH Local	atlassian	jira_server	The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hij…	CWE-427 Uncontrolled Search Path Element	CVE-2019-20400	2024-11-21 13:38	2020-02-6	Show	GitHub Exploit DB Packet Storm

221495	4.3	MEDIUM Network	atlassian	jira jira_software_data_center jira_server jira_data_center	Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticke…	CWE-276 Incorrect Default Permissions	CVE-2019-20106	2024-11-21 13:38	2020-02-6	Show	GitHub Exploit DB Packet Storm

221496	7.5	HIGH Network	atlassian	crowd	The OpenID client application in Atlassian Crowd before version 3.6.2, and from version 3.7.0 before 3.7.1 allows remote attackers to perform a Denial of Service attack via an XML Entity Expansion vu…	CWE-776 XML Entity Expansion	CVE-2019-20104	2024-11-21 13:38	2020-02-6	Show	GitHub Exploit DB Packet Storm

221497	9.8	CRITICAL Network	jobberbase	jobberbase	Jobberbase 2.0 has SQL injection via the PATH_INFO to the jobs-in endpoint.	CWE-89 SQL Injection	CVE-2019-20447	2024-11-21 13:38	2020-02-6	Show	GitHub Exploit DB Packet Storm

221498	6.1	MEDIUM Network	auth0	login_by_auth0	The Auth0 wp-auth0 plugin 3.11.x before 3.11.3 for WordPress allows XSS via a wle parameter associated with wp-login.php.	CWE-79 Cross-site Scripting	CVE-2019-20173	2024-11-21 13:38	2020-02-6	Show	GitHub Exploit DB Packet Storm

221499	6.1	MEDIUM Network	auth0	lock	Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is used with an untrusted placeholder.	CWE-79 Cross-site Scripting	CVE-2019-20174	2024-11-21 13:38	2020-02-4	Show	GitHub Exploit DB Packet Storm

221500	6.5	MEDIUM Network	gnome opensuse fedoraproject debian canonical netapp	librsvg leap fedora debian_linux ubuntu_linux active_iq_unified_manager	In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so th…	CWE-400 Uncontrolled Resource Consumption	CVE-2019-20446	2024-11-21 13:38	2020-02-2	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed