Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 20, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 254371 | 4.3 | 警告 | - | Android の com.android.phone プロセスにおけるサービス運用妨害 (DoS) 脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-2999 | 2011-02-22 11:32 | 2009-10-14 | Show | GitHub Exploit DB Packet Storm | |
| 254372 | 5 | 警告 | - | Android の com.android.phone プロセスにおけるサービス運用妨害 (DoS) 脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-2656 | 2011-02-22 11:28 | 2009-08-3 | Show | GitHub Exploit DB Packet Storm | |
| 254373 | 7.5 | 危険 | OpenBSD | - | OpenSSH における共有秘密鍵の認証要求を回避される脆弱性 |
CWE-287
不適切な認証 |
CVE-2010-4478 | 2011-02-21 16:53 | 2010-12-6 | Show | GitHub Exploit DB Packet Storm |
| 254374 | 5 | 警告 | レッドハット | - | IcedTea における重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2010-3860 | 2011-02-21 16:53 | 2010-12-8 | Show | GitHub Exploit DB Packet Storm |
| 254375 | 6.8 | 警告 | レッドハット | - | IcedTea の JNLP SecurityManager におけるセキュリティポリシーを回避される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2010-4351 | 2011-02-21 14:58 | 2011-01-20 | Show | GitHub Exploit DB Packet Storm |
| 254376 | 4.3 | 警告 | シマンテック | - | Symantec Norton Mobile Security for Android における重要な情報を取得される脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2010-0113 | 2011-02-21 14:55 | 2010-11-15 | Show | GitHub Exploit DB Packet Storm |
| 254377 | 4.3 | 警告 | - | Android の Dalvik API におけるサービス運用妨害 (DoS) 脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-3698 | 2011-02-21 14:54 | 2009-10-14 | Show | GitHub Exploit DB Packet Storm | |
| 254378 | 5 | 警告 | CollabNet, Inc. | - | CollabNet ScrumWorks Basic Server における認証情報取り扱いに関する問題 |
CWE-310
暗号の問題 |
CVE-2011-0410 | 2011-02-21 14:54 | 2011-01-24 | Show | GitHub Exploit DB Packet Storm |
| 254379 | 5 | 警告 | The PHP Group レッドハット |
- | Libmbfl の mb_strcut 関数における重要な情報を取得される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2010-4156 | 2011-02-18 15:07 | 2010-11-10 | Show | GitHub Exploit DB Packet Storm |
| 254380 | 6.8 | 警告 | The PHP Group サイバートラスト株式会社 レッドハット |
- | PHP の xml_utf8_decode 関数における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2009-5016 | 2011-02-18 15:03 | 2010-11-12 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 20, 2026, 4:14 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 225161 | 4.3 |
MEDIUM
Network |
gitlab | gitlab | GitLab 11.8 and later contains a security vulnerability that allows a user to obtain details of restricted pipelines via the merge request endpoint. |
NVD-CWE-noinfo
|
CVE-2019-15594 | 2024-11-21 13:29 | 2020-02-15 | Show | GitHub Exploit DB Packet Storm |
| 225162 | 4.3 |
MEDIUM
Network |
gitlab | gitlab | GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline. |
NVD-CWE-noinfo
|
CVE-2019-15592 | 2024-11-21 13:29 | 2020-02-15 | Show | GitHub Exploit DB Packet Storm |
| 225163 | 9.8 |
CRITICAL
Network |
nodejs oracle debian redhat opensuse |
node.js graalvm communications_cloud_native_core_network_function_cloud_native_environment debian_linux enterprise_linux enterprise_linux_eus leap |
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons |
NVD-CWE-Other
|
CVE-2019-15606 | 2024-11-21 13:29 | 2020-02-8 | Show | GitHub Exploit DB Packet Storm |
| 225164 | 9.8 |
CRITICAL
Network |
nodejs debian fedoraproject opensuse redhat oracle |
node.js debian_linux fedora leap enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server software_collections enterprise_linux enterprise_linux_server… |
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed |
CWE-444
HTTP Request Smuggling |
CVE-2019-15605 | 2024-11-21 13:29 | 2020-02-8 | Show | GitHub Exploit DB Packet Storm |
| 225165 | 7.5 |
HIGH
Network |
nodejs debian opensuse redhat oracle |
node.js debian_linux leap software_collections enterprise_linux_eus enterprise_linux_server_tus enterprise_linux_server_aus enterprise_linux graalvm communications_cloud_na… |
Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate |
CWE-295
Improper Certificate Validation |
CVE-2019-15604 | 2024-11-21 13:29 | 2020-02-8 | Show | GitHub Exploit DB Packet Storm |
| 225166 | 7.8 |
HIGH
Local |
fortinet | forticlient | A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow an user with low privilege to run system commands under root privilege via injecting specially crafted "ExportL… |
NVD-CWE-noinfo
|
CVE-2019-15711 | 2024-11-21 13:29 | 2020-02-7 | Show | GitHub Exploit DB Packet Storm |
| 225167 | 4.9 |
MEDIUM
Network |
nextcloud opensuse suse |
nextcloud_server backports suse_linux_enterprise_server |
Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders. |
CWE-20
Improper Input Validation |
CVE-2019-15624 | 2024-11-21 13:29 | 2020-02-5 | Show | GitHub Exploit DB Packet Storm |
| 225168 | 5.3 |
MEDIUM
Network |
nextcloud suse opensuse |
nextcloud_server package_hub backports_sle |
Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disable… |
NVD-CWE-noinfo
|
CVE-2019-15623 | 2024-11-21 13:29 | 2020-02-5 | Show | GitHub Exploit DB Packet Storm |
| 225169 | 2.4 |
LOW
Physics |
nextcloud | nextcloud | Not strictly enough sanitization in the Nextcloud Android app 3.6.0 allowed an attacker to get content information from protected tables when using custom queries. |
CWE-89
SQL Injection |
CVE-2019-15622 | 2024-11-21 13:29 | 2020-02-5 | Show | GitHub Exploit DB Packet Storm |
| 225170 | 6.5 |
MEDIUM
Network |
nextcloud | nextcloud_server | Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link. |
CWE-281
Improper Preservation of Permissions |
CVE-2019-15621 | 2024-11-21 13:29 | 2020-02-5 | Show | GitHub Exploit DB Packet Storm |