Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255201 4.3 警告 アップル - Apple Safari の WebKit における他のサイトから画像を読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1416 2010-12-10 14:35 2010-06-10 Show GitHub Exploit DB Packet Storm
255202 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1415 2010-12-10 14:33 2010-06-10 Show GitHub Exploit DB Packet Storm
255203 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1414 2010-12-10 14:32 2010-06-10 Show GitHub Exploit DB Packet Storm
255204 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-1410 2010-12-10 14:32 2010-06-10 Show GitHub Exploit DB Packet Storm
255205 4.3 警告 アップル - Apple Safari の WebKit における制限を回避される脆弱性 CWE-189
CWE-264
CVE-2010-1408 2010-12-10 14:31 2010-06-10 Show GitHub Exploit DB Packet Storm
255206 4.3 警告 アップル - Apple iOS の WebKit における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-1407 2010-12-10 14:31 2010-06-22 Show GitHub Exploit DB Packet Storm
255207 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1405 2010-12-10 14:30 2010-06-10 Show GitHub Exploit DB Packet Storm
255208 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-1403 2010-12-10 14:29 2010-06-10 Show GitHub Exploit DB Packet Storm
255209 4.3 警告 アップル - Apple Safari の WebKit におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1394 2010-12-10 14:28 2010-06-10 Show GitHub Exploit DB Packet Storm
255210 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1392 2010-12-10 14:28 2010-06-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 22, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
225281 6.1 MEDIUM
Network 		gfi kerio_control A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure… CWE-79
Cross-site Scripting 		CVE-2019-16414 2024-11-21 13:30 2019-09-30 Show GitHub Exploit DB Packet Storm
225282 9.8 CRITICAL
Network 		plataformatec simple_form Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call. CWE-20
 Improper Input Validation  		CVE-2019-16676 2024-11-21 13:30 2019-09-30 Show GitHub Exploit DB Packet Storm
225283 5.4 MEDIUM
Network 		dolibarr dolibarr_erp\/crm Dolibarr 9.0.5 has stored XSS in an Email Template section to mails_templates.php. A user with no privileges can inject script to attack the admin. (This stored XSS can affect all types of user privi… CWE-79
Cross-site Scripting 		CVE-2019-16688 2024-11-21 13:30 2019-09-28 Show GitHub Exploit DB Packet Storm
225284 5.4 MEDIUM
Network 		dolibarr dolibarr_erp\/crm Dolibarr 9.0.5 has stored XSS in a User Profile in a Signature section to card.php. A user with the "Create/modify other users, groups and permissions" privilege can inject script and can also achiev… CWE-79
Cross-site Scripting 		CVE-2019-16687 2024-11-21 13:30 2019-09-28 Show GitHub Exploit DB Packet Storm
225285 5.4 MEDIUM
Network 		dolibarr dolibarr_erp\/crm Dolibarr 9.0.5 has stored XSS in a User Note section to note.php. A user with no privileges can inject script to attack the admin. CWE-79
Cross-site Scripting 		CVE-2019-16686 2024-11-21 13:30 2019-09-28 Show GitHub Exploit DB Packet Storm
225286 5.4 MEDIUM
Network 		dolibarr dolibarr_erp\/crm Dolibarr 9.0.5 has stored XSS vulnerability via a User Group Description section to card.php. A user with the "Create/modify other users, groups and permissions" privilege can inject script and can a… CWE-79
Cross-site Scripting 		CVE-2019-16685 2024-11-21 13:30 2019-09-28 Show GitHub Exploit DB Packet Storm
225287 8.8 HIGH
Network 		netgate pfsense diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a "CSRF token expi… CWE-352
 Origin Validation Error 		CVE-2019-16667 2024-11-21 13:30 2019-09-27 Show GitHub Exploit DB Packet Storm
225288 6.1 MEDIUM
Network 		yzmcms yzmcms An HTTP Host header injection vulnerability exists in YzmCMS V5.3. A malicious user can poison a web cache or trigger redirections. CWE-74
Injection 		CVE-2019-16532 2024-11-21 13:30 2019-09-27 Show GitHub Exploit DB Packet Storm
225289 4.8 MEDIUM
Network 		status301 easy_fancybox The easy-fancybox plugin before 1.8.18 for WordPress (aka Easy FancyBox) is susceptible to Stored XSS in the Settings Menu inc/class-easyfancybox.php due to improper encoding of arbitrarily submitted… CWE-79
Cross-site Scripting 		CVE-2019-16524 2024-11-21 13:30 2019-09-27 Show GitHub Exploit DB Packet Storm
225290 5.3 MEDIUM
Network 		symbiote
silverstripe 		versionedfiles
silverstripe 		In the Versioned Files module through 2.0.3 for SilverStripe 3.x, unpublished versions of files are publicly exposed to anyone who can guess their URL. This guess could be highly informed by a basic … NVD-CWE-noinfo
CVE-2019-16409 2024-11-21 13:30 2019-09-27 Show GitHub Exploit DB Packet Storm