Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255081	5	警告	オラクル	-	BEA Product Suite の WebLogic Server コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0068	2010-02-15 19:32	2010-01-12	Show	GitHub Exploit DB Packet Storm

255082	4.3	警告	オラクル	-	Oracle Application Server の J2EE コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0070	2010-02-15 19:31	2010-01-12	Show	GitHub Exploit DB Packet Storm

255083	5	警告	オラクル	-	Oracle Application Server の J2EE コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0067	2010-02-15 19:31	2010-01-12	Show	GitHub Exploit DB Packet Storm

255084	5	警告	オラクル	-	Oracle Application Server の Access Manager Identity Server コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0066	2010-02-15 19:31	2010-01-12	Show	GitHub Exploit DB Packet Storm

255085	7.8	危険	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の e1000_clean_rx_irq 関数における整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-1385	2010-02-15 11:03	2009-06-4	Show	GitHub Exploit DB Packet Storm

255086	4.6	警告	サイバートラスト株式会社 Todd C. Miller	-	sudo の Perl スクリプト実行時における権限昇格の脆弱性	-	CVE-2005-4158	2010-02-15 11:03	2005-11-8	Show	GitHub Exploit DB Packet Storm

255087	1	注意	オラクル	-	Oracle Database および Oracle Application Server の Unzip コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3412	2010-02-12 12:22	2010-01-12	Show	GitHub Exploit DB Packet Storm

255088	3.2	注意	オラクル	-	Oracle Database の Oracle Spatial コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3413	2010-02-12 12:22	2010-01-12	Show	GitHub Exploit DB Packet Storm

255089	3.6	注意	オラクル	-	Oracle Database の RDBMS コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3410	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

255090	4	警告	オラクル	-	Oracle Database の Logical Standby コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-1996	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221911	6.1	MEDIUM Network	thycotic	secret_server	An XSS issue was discovered in Thycotic Secret Server before 10.7 (issue 2 of 2).	CWE-79 Cross-site Scripting	CVE-2019-18357	2024-11-21 13:33	2019-10-24	Show	GitHub Exploit DB Packet Storm

221912	6.1	MEDIUM Network	thycotic	secret_server	An XSS issue was discovered in Thycotic Secret Server before 10.7 (issue 1 of 2).	CWE-79 Cross-site Scripting	CVE-2019-18356	2024-11-21 13:33	2019-10-24	Show	GitHub Exploit DB Packet Storm

221913	9.8	CRITICAL Network	thycotic	secret_server	An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2019-18355	2024-11-21 13:33	2019-10-24	Show	GitHub Exploit DB Packet Storm

221914	6.1	MEDIUM Network	ant.design	ant_design_pro	In Ant Design Pro 4.0.0, reflected XSS in the user/login redirect GET parameter affects the authorization component, leading to execution of JavaScript code in the login after-action script.	CWE-79 Cross-site Scripting	CVE-2019-18350	2024-11-21 13:33	2019-10-24	Show	GitHub Exploit DB Packet Storm

221915	6.1	MEDIUM Network	python	python	An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the fir…	CWE-74 Injection	CVE-2019-18348	2024-11-21 13:33	2019-10-24	Show	GitHub Exploit DB Packet Storm

221916	9.8	CRITICAL Network	online_grading_system_project	online_grading_system	Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the student, instructor, department, room,…	CWE-89 SQL Injection	CVE-2019-18344	2024-11-21 13:33	2019-10-24	Show	GitHub Exploit DB Packet Storm

221917	6.5	MEDIUM Network	citrix	application_delivery_controller_firmware gateway	In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and …	NVD-CWE-noinfo	CVE-2019-18177	2024-11-21 13:32	2022-12-27	Show	GitHub Exploit DB Packet Storm

221918	5.4	MEDIUM Network	digitalalertsystems	dasdec_ii_firmware one-net_se_firmware dasdec_i_firmware one-net_firmware dasdec_iii_firmware	Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH usernam…	-	CVE-2019-18265	2024-11-21 13:32	2022-12-1	Show	GitHub Exploit DB Packet Storm

221919	5.3	MEDIUM Network	apache fedoraproject oracle	http_server fedora instantis_enterprisetrack enterprise_manager_ops_center zfs_storage_appliance_kit	Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing …	CWE-444 HTTP Request Smuggling	CVE-2019-17567	2024-11-21 13:32	2021-06-10	Show	GitHub Exploit DB Packet Storm

221920	6.5	MEDIUM Network	fortinet	fortios fortiproxy	A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated r…	CWE-787 Out-of-bounds Write	CVE-2019-17656	2024-11-21 13:32	2021-04-13	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed