Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255091 5.5 警告 オラクル - Oracle PeopleSoft Enterprise HRMS における ePerformance に関する脆弱性 CWE-noinfo
情報不足 		CVE-2011-0853 2011-05-17 09:43 2011-04-19 Show GitHub Exploit DB Packet Storm
255092 5.5 警告 オラクル - Oracle PeopleSoft Enterprise ELS における Enterprise Learning Mgmt に関する脆弱性 CWE-noinfo
情報不足 		CVE-2011-0851 2011-05-17 09:41 2011-04-19 Show GitHub Exploit DB Packet Storm
255093 5.5 警告 オラクル - Oracle PeopleSoft Enterprise CRM における Order Capture に関する脆弱性 CWE-noinfo
情報不足 		CVE-2011-0850 2011-05-17 09:28 2011-04-19 Show GitHub Exploit DB Packet Storm
255094 4.3 警告 オラクル - Oracle Java Dynamic Management Kit の HTML Adaptor における脆弱性 CWE-noinfo
情報不足 		CVE-2011-0849 2011-05-17 09:27 2011-04-19 Show GitHub Exploit DB Packet Storm
255095 4.3 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット
オラクル		 - 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2769 2011-05-17 09:01 2010-09-7 Show GitHub Exploit DB Packet Storm
255096 4.3 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット
オラクル		 - 複数の Mozilla 製品におけるクロスサイトスクリプティングに対する保護メカニズムを回避される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2768 2011-05-17 09:00 2010-09-7 Show GitHub Exploit DB Packet Storm
255097 4.3 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット
オラクル		 - 複数の Mozilla 製品におけるイントラネット上の Web サーバの存在を発見される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2764 2011-05-17 08:59 2010-09-7 Show GitHub Exploit DB Packet Storm
255098 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット
オラクル		 - Mozilla 製品の SafeJSObjectWrapper 実装におけるクローム特権で任意の JavaScript コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-2762 2011-05-17 08:56 2010-09-7 Show GitHub Exploit DB Packet Storm
255099 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット
オラクル		 - 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-3169 2011-05-17 08:55 2010-09-7 Show GitHub Exploit DB Packet Storm
255100 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット
オラクル		 - 複数の Mozilla 製品における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-3168 2011-05-17 08:53 2010-09-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
4251 3.1 LOW
Network 		- - Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to check if {{team_id}} was being changed when updating playbooks, allowing users with only {{Manage Playbook Configurations}} permissio… CWE-863
 Incorrect Authorization 		CVE-2026-4286 2026-05-19 02:32 2026-05-18 Show GitHub Exploit DB Packet Storm
4252 3.5 LOW
Network 		- - Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail to prevent server-rendered content from closing an underlying application view in the Mattermost Desktop App which allows a malicious server … CWE-754
 Improper Check for Unusual or Exceptional Conditions 		CVE-2026-4643 2026-05-19 02:32 2026-05-18 Show GitHub Exploit DB Packet Storm
4253 6.5 MEDIUM
Network 		- - Mattermost versions 11.5.x <= 11.5.1 fail to verify channel membership when processing AI-assisted message rewrites which allows an authenticated attacker to read the content of threads in private ch… CWE-862
 Missing Authorization 		CVE-2026-5163 2026-05-19 02:32 2026-05-18 Show GitHub Exploit DB Packet Storm
4254 4.3 MEDIUM
Network 		- - Mattermost versions 11.5.x <= 11.5.1, 11.4.x <= 11.4.3 fail to validate the X-Requested-With header on the burn-on-read reveal endpoint which allows an authenticated channel member to force the revea… CWE-346
 Origin Validation Error 		CVE-2026-6339 2026-05-19 02:32 2026-05-18 Show GitHub Exploit DB Packet Storm
4255 4.3 MEDIUM
Network 		- - Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to check public/private permissions which allows members without these permissions to access public playbooks via /get… CWE-863
 Incorrect Authorization 		CVE-2026-6343 2026-05-19 02:32 2026-05-18 Show GitHub Exploit DB Packet Storm
4256 6.5 MEDIUM
Network 		- - Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail prevent disclosure of created user password which allows a malicious attacker to impersonate a user via the use of som… CWE-522
 Insufficiently Protected Credentials 		CVE-2026-6345 2026-05-19 02:32 2026-05-18 Show GitHub Exploit DB Packet Storm
4257 6.4 MEDIUM
Network 		- - Savsoft Quiz 5.0 contains a persistent cross-site scripting vulnerability in the user account settings page that allows authenticated attackers to inject malicious HTML and JavaScript code. Attackers… CWE-79
Cross-site Scripting 		CVE-2021-47962 2026-05-19 02:32 2026-05-16 Show GitHub Exploit DB Packet Storm
4258 7.2 HIGH
Network 		- - Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to execute arbitrary code by injecting malicious payloads into markdown files stored within the application. A… CWE-79
Cross-site Scripting 		CVE-2021-47963 2026-05-19 02:32 2026-05-16 Show GitHub Exploit DB Packet Storm
4259 6.4 MEDIUM
Network 		- - Podcast Generator 3.1 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the long_des… CWE-79
Cross-site Scripting 		CVE-2021-47968 2026-05-19 02:32 2026-05-16 Show GitHub Exploit DB Packet Storm
4260 8.8 HIGH
Network 		- - HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading arbitrary files. Attackers can… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-37227 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm