Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251941	5	警告	osCommerce	-	osCommerce におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2005-2330	2012-01-20 12:08	2012-01-20	Show	GitHub Exploit DB Packet Storm

251942	4.3	警告	osCommerce	-	osCommerce 日本語版におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0311	2012-01-20 12:08	2012-01-20	Show	GitHub Exploit DB Packet Storm

251943	2.7	注意	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0091	2012-01-20 11:36	2012-01-17	Show	GitHub Exploit DB Packet Storm

251944	4	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0089	2012-01-20 11:35	2012-01-17	Show	GitHub Exploit DB Packet Storm

251945	4	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0076	2012-01-20 11:35	2012-01-17	Show	GitHub Exploit DB Packet Storm

251946	4	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0088	2012-01-20 11:35	2012-01-17	Show	GitHub Exploit DB Packet Storm

251947	4	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise CRM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0074	2012-01-20 11:34	2012-01-17	Show	GitHub Exploit DB Packet Storm

251948	5.5	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0080	2012-01-20 11:33	2012-01-17	Show	GitHub Exploit DB Packet Storm

251949	3.6	注意	オラクル	-	Oracle Virtualization の Virtual Desktop Infrastructure コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-3571	2012-01-20 11:09	2012-01-17	Show	GitHub Exploit DB Packet Storm

251950	5	警告	オラクル	-	Oracle Database Server の Listener コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0072	2012-01-20 10:32	2012-01-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
247401	7.8	HIGH Local	freedesktop debian redhat	poppler debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus enterprise_linux_server…	Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspe…	CWE-190 Integer Overflow or Wraparound	CVE-2017-9776	2024-11-21 12:36	2017-06-23	Show	GitHub Exploit DB Packet Storm

247402	6.5	MEDIUM Network	freedesktop debian redhat	poppler debian_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus enterprise_linux_server…	Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-9775	2024-11-21 12:36	2017-06-23	Show	GitHub Exploit DB Packet Storm

247403	9.8	CRITICAL Network	ideablade	breeze.server.net	IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers to execute arbitrary code, related to use of TypeNameHandling in JSON deserialization.	CWE-502 Deserialization of Untrusted Data	CVE-2017-9424	2024-11-21 12:36	2017-06-23	Show	GitHub Exploit DB Packet Storm

247404	6.5	MEDIUM Network	libtiff canonical	libtiff ubuntu_linux	In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function …	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2017-9815	2024-11-21 12:36	2017-06-23	Show	GitHub Exploit DB Packet Storm

247405	9.8	CRITICAL Network	openwebif_project	openwebif	An issue was discovered in the OpenWebif plugin through 1.2.4 for E2 open devices. The saveConfig function of "plugin/controllers/models/config.py" performs an eval() call on the contents of the "key…	CWE-94 Code Injection	CVE-2017-9807	2024-11-21 12:36	2017-06-22	Show	GitHub Exploit DB Packet Storm

247406	5.5	MEDIUM Local	jasper_project	jasper	JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec…	CWE-125 Out-of-bounds Read	CVE-2017-9782	2024-11-21 12:36	2017-06-22	Show	GitHub Exploit DB Packet Storm

247407	6.1	MEDIUM Network	check_mk_project	check_mk	A cross site scripting (XSS) vulnerability exists in Check_MK versions 1.4.0x prior to 1.4.0p6, allowing an unauthenticated remote attacker to inject arbitrary HTML or JavaScript via the _username pa…	CWE-79 Cross-site Scripting	CVE-2017-9781	2024-11-21 12:36	2017-06-22	Show	GitHub Exploit DB Packet Storm

247408	8.8	HIGH Network	horde	horde_image_api	Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication.	CWE-94 Code Injection	CVE-2017-9774	2024-11-21 12:36	2017-06-22	Show	GitHub Exploit DB Packet Storm

247409	5.7	MEDIUM Network	horde	horde_image	Denial of Service was found in Horde_Image 2.x before 2.5.0 via a crafted URL to the "Null" image driver.	CWE-20 Improper Input Validation	CVE-2017-9773	2024-11-21 12:36	2017-06-22	Show	GitHub Exploit DB Packet Storm

247410	7.8	HIGH Local	flatpak debian	flatpak debian_linux	In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2017-9780	2024-11-21 12:36	2017-06-22	Show	GitHub Exploit DB Packet Storm