Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 12:07 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
257441 4.3 警告 オラクル - Oracle Industry Product Suite の Retail - Oracle Retail Markdown Optimization コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0862 2010-05-13 15:13 2010-04-13 Show GitHub Exploit DB Packet Storm
257442 4.3 警告 オラクル - Oracle Industry Product Suite の Life Sciences - Oracle Thesaurus Management System コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0875 2010-05-13 15:12 2010-04-13 Show GitHub Exploit DB Packet Storm
257443 4.3 警告 オラクル - Oracle Industry Product Suite の Life Sciences - Oracle Clinical Remote Data Capture Option コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0876 2010-05-13 15:12 2010-04-13 Show GitHub Exploit DB Packet Storm
257444 4.3 警告 オラクル - Oracle Industry Product Suite の Communications - Oracle Communications Unified Inventory Management コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0874 2010-05-13 15:12 2010-04-13 Show GitHub Exploit DB Packet Storm
257445 4 警告 オラクル - 複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0879 2010-05-13 15:12 2010-04-13 Show GitHub Exploit DB Packet Storm
257446 4 警告 オラクル - 複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0878 2010-05-13 15:11 2010-04-13 Show GitHub Exploit DB Packet Storm
257447 5 警告 オラクル - 複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0877 2010-05-13 15:11 2010-04-13 Show GitHub Exploit DB Packet Storm
257448 4 警告 オラクル - 複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0880 2010-05-13 15:11 2010-04-13 Show GitHub Exploit DB Packet Storm
257449 3.5 注意 オラクル - Oracle E-Business Suite の Oracle Workflow Cartridge コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0857 2010-05-13 15:10 2010-04-13 Show GitHub Exploit DB Packet Storm
257450 3.5 注意 オラクル - Oracle E-Business Suite の E-Business Intelligence コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0858 2010-05-13 15:10 2010-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221471 9.8 CRITICAL
Network 		nukeviet nukeviet modules/banners/funcs/click.php in NukeViet before 4.3.04 has a SQL INSERT statement with raw header data from an HTTP request (e.g., Referer and User-Agent). CWE-89
SQL Injection 		CVE-2019-7726 2024-11-21 13:48 2020-12-31 Show GitHub Exploit DB Packet Storm
221472 9.8 CRITICAL
Network 		nukeviet nukeviet includes/core/is_user.php in NukeViet before 4.3.04 deserializes the untrusted nvloginhash cookie (i.e., the code relies on PHP's serialization format when JSON can be used to eliminate the risk). CWE-502
 Deserialization of Untrusted Data 		CVE-2019-7725 2024-11-21 13:48 2020-12-31 Show GitHub Exploit DB Packet Storm
221473 8.8 HIGH
Network 		intelliants subrion_cms Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins. CWE-352
 Origin Validation Error 		CVE-2019-7357 2024-11-21 13:48 2020-11-11 Show GitHub Exploit DB Packet Storm
221474 5.4 MEDIUM
Network 		intelliants subrion Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter. CWE-79
Cross-site Scripting 		CVE-2019-7356 2024-11-21 13:48 2020-11-5 Show GitHub Exploit DB Packet Storm
221475 6.1 MEDIUM
Network 		galileo_cms_project galileo_cms There is stored cross site scripting (XSS) in Galileo CMS v0.042. Remote authenticated users could inject arbitrary web script or HTML via $page_title in /lib/Galileo/files/templates/page/show.html.e… CWE-79
Cross-site Scripting 		CVE-2019-7410 2024-11-21 13:48 2020-08-14 Show GitHub Exploit DB Packet Storm
221476 5.4 MEDIUM
Network 		ifrn sistema_unificado_de_administracao_publica SUAP V2 allows XSS during the update of user information. CWE-79
Cross-site Scripting 		CVE-2019-7634 2024-11-21 13:48 2020-04-29 Show GitHub Exploit DB Packet Storm
221477 8.8 HIGH
Network 		weberp weberp In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection. CWE-89
SQL Injection 		CVE-2019-7755 2024-11-21 13:48 2020-03-31 Show GitHub Exploit DB Packet Storm
221478 7.2 HIGH
Network 		gigabyte app_center An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Speci… CWE-665
 Improper Initialization 		CVE-2019-7630 2024-11-21 13:48 2020-03-26 Show GitHub Exploit DB Packet Storm
221479 9.8 CRITICAL
Network 		johnsoncontrols entrapass A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system lev… CWE-20
 Improper Input Validation  		CVE-2019-7589 2024-11-21 13:48 2020-03-11 Show GitHub Exploit DB Packet Storm
221480 5.4 MEDIUM
Network 		wowza streaming_engine Wowza Streaming Engine 4.8.0 and earlier from multiple authenticated XSS vulnerabilities via the (1) customList%5B0%5D.value field in enginemanager/server/serversetup/edit_adv.htm of the Server Setup… CWE-79
Cross-site Scripting 		CVE-2019-7655 2024-11-21 13:48 2020-01-30 Show GitHub Exploit DB Packet Storm