Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251991	4.3	警告	オラクル	-	OpenSSO Enterprise および Sun Java System Access Manager における脆弱性	CWE-noinfo 情報不足	CVE-2011-0844	2011-05-16 11:36	2011-04-19	Show	GitHub Exploit DB Packet Storm

251992	4.3	警告	オラクル	-	Oracle Siebel CRM の Siebel CRM Core コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-0843	2011-05-16 11:35	2011-04-19	Show	GitHub Exploit DB Packet Storm

251993	7.8	危険	オラクル	-	Oracle Solaris 11 Express における TCP/IP の脆弱性	CWE-noinfo 情報不足	CVE-2011-0841	2011-05-16 11:34	2011-04-19	Show	GitHub Exploit DB Packet Storm

251994	4	警告	オラクル	-	Oracle PeopleSoft Enterprise PeopleTools における脆弱性	CWE-noinfo 情報不足	CVE-2011-0840	2011-05-16 11:33	2011-04-19	Show	GitHub Exploit DB Packet Storm

251995	4.3	警告	オラクル	-	Oracle Supply Chain Products Suite の Agile Technology Platform コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-0837	2011-05-16 11:32	2011-04-19	Show	GitHub Exploit DB Packet Storm

251996	3.5	注意	オラクル	-	Oracle JD Edwards EnterpriseOne Tools および OneWorld Tools における脆弱性	CWE-noinfo 情報不足	CVE-2011-0836	2011-05-16 11:31	2011-04-19	Show	GitHub Exploit DB Packet Storm

251997	4.3	警告	オラクル	-	Oracle Siebel CRM の Siebel CRM Core コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-0834	2011-05-16 11:27	2011-04-19	Show	GitHub Exploit DB Packet Storm

251998	4.3	警告	オラクル	-	Oracle Siebel CRM の Siebel CRM Core コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-0833	2011-05-16 11:27	2011-04-19	Show	GitHub Exploit DB Packet Storm

251999	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の navigator.plugins の実装における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-2767	2011-05-16 11:09	2010-09-7	Show	GitHub Exploit DB Packet Storm

252000	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の normalizeDocument 関数における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-2766	2011-05-16 11:08	2010-09-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
256141	6.1	MEDIUM Network	mantisbt	mantisbt	An XSS issue was discovered in admin/install.php in MantisBT before 1.3.12 and 2.x before 2.5.2. Some variables under user control in the MantisBT installation script are not properly sanitized befor…	CWE-79 Cross-site Scripting	CVE-2017-12061	2024-11-21 12:08	2017-08-2	Show	GitHub Exploit DB Packet Storm

256142	6.5	MEDIUM Network	underbit	mad_libmad	mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decode…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-11552	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

256143	6.1	MEDIUM Network	goldplugins	easy_testimonials	The Easy Testimonials plugin 3.0.4 for WordPress has XSS in include/settings/display.options.php, as demonstrated by the Default Testimonials Width, View More Testimonials Link, and Testimonial Excer…	CWE-79 Cross-site Scripting	CVE-2017-12131	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

256144	6.1	MEDIUM Network	event_list_project	event_list	The Event List plugin 0.7.9 for WordPress has XSS in the slug array parameter to wp-admin/admin.php in an el_admin_categories delete_bulk action.	CWE-79 Cross-site Scripting	CVE-2017-12068	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

256145	7.5	HIGH Network	potrace_project	potrace	Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c.	CWE-125 Out-of-bounds Read	CVE-2017-12067	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

256146	5.4	MEDIUM Network	cacti	cacti	Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer hea…	CWE-79 Cross-site Scripting	CVE-2017-12066	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

256147	9.8	CRITICAL Network	cacti	cacti	spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter.	NVD-CWE-noinfo	CVE-2017-12065	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

256148	7.5	HIGH Network	open-emr	openemr	The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name.	CWE-116 Improper Encoding or Escaping of Output	CVE-2017-12064	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

256149	6.1	MEDIUM Network	connectwise	manage	services/system_io/actionprocessor/Contact.rails in ConnectWise Manage 2017.5 allows arbitrary client-side JavaScript code execution (involving a ContactCommon field) on victims who click on a crafte…	CWE-79 Cross-site Scripting	CVE-2017-11727	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

256150	8.8	HIGH Network	connectwise	manage	services/system_io/actionprocessor/System.rails in ConnectWise Manage 2017.5 is vulnerable to Cross-Site Request Forgery (CSRF), as demonstrated by changing an e-mail address setting.	CWE-352 Origin Validation Error	CVE-2017-11726	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm