Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254191	4.3	警告	オラクル	-	Oracle Industry Product Suite の Retail - Oracle Retail Markdown Optimization コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0862	2010-05-13 15:13	2010-04-13	Show	GitHub Exploit DB Packet Storm

254192	4.3	警告	オラクル	-	Oracle Industry Product Suite の Life Sciences - Oracle Thesaurus Management System コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0875	2010-05-13 15:12	2010-04-13	Show	GitHub Exploit DB Packet Storm

254193	4.3	警告	オラクル	-	Oracle Industry Product Suite の Life Sciences - Oracle Clinical Remote Data Capture Option コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0876	2010-05-13 15:12	2010-04-13	Show	GitHub Exploit DB Packet Storm

254194	4.3	警告	オラクル	-	Oracle Industry Product Suite の Communications - Oracle Communications Unified Inventory Management コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0874	2010-05-13 15:12	2010-04-13	Show	GitHub Exploit DB Packet Storm

254195	4	警告	オラクル	-	複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0879	2010-05-13 15:12	2010-04-13	Show	GitHub Exploit DB Packet Storm

254196	4	警告	オラクル	-	複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0878	2010-05-13 15:11	2010-04-13	Show	GitHub Exploit DB Packet Storm

254197	5	警告	オラクル	-	複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0877	2010-05-13 15:11	2010-04-13	Show	GitHub Exploit DB Packet Storm

254198	4	警告	オラクル	-	複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0880	2010-05-13 15:11	2010-04-13	Show	GitHub Exploit DB Packet Storm

254199	3.5	注意	オラクル	-	Oracle E-Business Suite の Oracle Workflow Cartridge コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0857	2010-05-13 15:10	2010-04-13	Show	GitHub Exploit DB Packet Storm

254200	3.5	注意	オラクル	-	Oracle E-Business Suite の E-Business Intelligence コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0858	2010-05-13 15:10	2010-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222111	8.8	HIGH Network	wikidsystems	two_factor_authentication_enterprise_server	Multiple SQL injection vulnerabilities in Logs.jsp in WiKID 2FA Enterprise Server through 4.2.0-b2053 allow authenticated users to execute arbitrary SQL commands via the source or subString parameter.	CWE-89 SQL Injection	CVE-2019-17119	2024-11-21 13:31	2019-10-18	Show	GitHub Exploit DB Packet Storm

222112	8.8	HIGH Network	wikidsystems	2fa_enterprise_server	A CSRF issue in WiKID 2FA Enterprise Server through 4.2.0-b2053 allows a remote attacker to trick an authenticated user into performing unintended actions such as (1) create or delete admin users; (2…	CWE-352 Origin Validation Error	CVE-2019-17118	2024-11-21 13:31	2019-10-18	Show	GitHub Exploit DB Packet Storm

222113	8.8	HIGH Network	wikidsystems	2fa_enterprise_server	A SQL injection vulnerability in processPref.jsp in WiKID 2FA Enterprise Server through 4.2.0-b2053 allows an authenticated user to execute arbitrary SQL commands via the processPref.jsp key paramete…	CWE-89 SQL Injection	CVE-2019-17117	2024-11-21 13:31	2019-10-18	Show	GitHub Exploit DB Packet Storm

222114	6.1	MEDIUM Network	wikidsystems	two_factor_authentication_enterprise_server	A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups…	CWE-79 Cross-site Scripting	CVE-2019-17116	2024-11-21 13:31	2019-10-18	Show	GitHub Exploit DB Packet Storm

222115	6.1	MEDIUM Network	wikidsystems	two_factor_authentication_enterprise_server	Multiple cross-site scripting (XSS) vulnerabilities in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML that is triggered when Logs.jsp is…	CWE-79 Cross-site Scripting	CVE-2019-17115	2024-11-21 13:31	2019-10-18	Show	GitHub Exploit DB Packet Storm

222116	6.1	MEDIUM Network	wikidsystems	two_factor_authentication_enterprise_server	A stored and reflected cross-site scripting (XSS) vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allows remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/userP…	CWE-79 Cross-site Scripting	CVE-2019-17114	2024-11-21 13:31	2019-10-18	Show	GitHub Exploit DB Packet Storm

222117	8.8	HIGH Network	wikidsystems	two_factor_authentication_enterprise_server	WiKID Enterprise 2FA (two factor authentication) Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, u…	CWE-89 SQL Injection	CVE-2019-16917	2024-11-21 13:31	2019-10-18	Show	GitHub Exploit DB Packet Storm

222118	9.8	CRITICAL Network	slub-dresden	slub_events	The slub_events (aka SLUB: Event Registration) extension through 3.0.2 for TYPO3 allows uploading of arbitrary files to the webserver. For versions 1.2.2 and below, this results in Remote Code Execut…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2019-16700	2024-11-21 13:31	2019-10-17	Show	GitHub Exploit DB Packet Storm

222119	9.8	CRITICAL Network	sr_freecap_project	sr_freecap	The sr_freecap (aka freeCap CAPTCHA) extension 2.4.5 and below and 2.5.2 and below for TYPO3 fails to sanitize user input, which allows execution of arbitrary Extbase actions, resulting in Remote Cod…	CWE-20 Improper Input Validation	CVE-2019-16699	2024-11-21 13:31	2019-10-17	Show	GitHub Exploit DB Packet Storm

222120	4.3	MEDIUM Network	dkd	direct_mail	The direct_mail (aka Direct Mail) extension through 5.2.2 for TYPO3 has a missing access check in the backend module, allowing a user (with restricted permissions to the fe_users table) to view and e…	CWE-862 Missing Authorization	CVE-2019-16698	2024-11-21 13:31	2019-10-17	Show	GitHub Exploit DB Packet Storm