Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252121	5	警告	オラクル	-	Oracle Fusion Middleware の Oracle WebLogic Server コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-3566	2012-01-20 12:12	2012-01-17	Show	GitHub Exploit DB Packet Storm

252122	2.6	注意	オラクル	-	Oracle WebLogic Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0077	2012-01-20 12:09	2012-01-20	Show	GitHub Exploit DB Packet Storm

252123	5	警告	osCommerce	-	osCommerce におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2005-2330	2012-01-20 12:08	2012-01-20	Show	GitHub Exploit DB Packet Storm

252124	4.3	警告	osCommerce	-	osCommerce 日本語版におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0311	2012-01-20 12:08	2012-01-20	Show	GitHub Exploit DB Packet Storm

252125	2.7	注意	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0091	2012-01-20 11:36	2012-01-17	Show	GitHub Exploit DB Packet Storm

252126	4	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0089	2012-01-20 11:35	2012-01-17	Show	GitHub Exploit DB Packet Storm

252127	4	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0076	2012-01-20 11:35	2012-01-17	Show	GitHub Exploit DB Packet Storm

252128	4	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0088	2012-01-20 11:35	2012-01-17	Show	GitHub Exploit DB Packet Storm

252129	4	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise CRM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0074	2012-01-20 11:34	2012-01-17	Show	GitHub Exploit DB Packet Storm

252130	5.5	警告	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise HCM コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-0080	2012-01-20 11:33	2012-01-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
265221	9.8	CRITICAL Network	zohocorp	webnms_framework	ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2016-6602	2024-11-21 11:56	2017-01-24	Show	GitHub Exploit DB Packet Storm

265222	7.5	HIGH Network	zohocorp	webnms_framework	Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parame…	CWE-22 Path Traversal	CVE-2016-6601	2024-11-21 11:56	2017-01-24	Show	GitHub Exploit DB Packet Storm

265223	9.8	CRITICAL Network	zohocorp	webnms_framework	Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to upload and execute arbitrary JSP files via a .. (dot dot) in the…	CWE-22 Path Traversal	CVE-2016-6600	2024-11-21 11:56	2017-01-24	Show	GitHub Exploit DB Packet Storm

265224	9.1	CRITICAL Network	doorkeeper_project	doorkeeper	The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers to conduct replay attacks or revoke arbitrary tokens by leveraging failure to implement the OAuth 2.0 Token Revocation specificat…	CWE-254 7PK - Security Features	CVE-2016-6582	2024-11-21 11:56	2017-01-24	Show	GitHub Exploit DB Packet Storm

265225	8.8	HIGH Network	gopivotal	grails	Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails Debug Console and Grails Web Console) 2.0.7, 1.5.10, and earlier allows remote attackers to hijack the authentication of …	CWE-352 Origin Validation Error	CVE-2016-6521	2024-11-21 11:56	2017-01-24	Show	GitHub Exploit DB Packet Storm

265226	9.8	CRITICAL Network	liferay	liferay	Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified impact via a %2E%2E (encoded dot dot) in the minifierBundleDir parameter to barebone.jsp.	CWE-22 Path Traversal	CVE-2016-6517	2024-11-21 11:56	2017-01-24	Show	GitHub Exploit DB Packet Storm

265227	6.1	MEDIUM Network	infoblox	netmri	CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentTyp…	CWE-93 CRLF Injection	CVE-2016-6484	2024-11-21 11:56	2017-01-24	Show	GitHub Exploit DB Packet Storm

265228	7.5	HIGH Network	apache	groovy_ldap	main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging setting returnObjFlag to true for all searc…	CWE-254 7PK - Security Features	CVE-2016-6497	2024-11-21 11:56	2017-01-19	Show	GitHub Exploit DB Packet Storm

265229	7.5	HIGH Network	imagemagick	imagemagick	Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds writ…	CWE-190 Integer Overflow or Wraparound	CVE-2016-6823	2024-11-21 11:56	2017-01-19	Show	GitHub Exploit DB Packet Storm

265230	7.8	HIGH Local	samsung	samsung_mobile	The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-6527	2024-11-21 11:56	2017-01-19	Show	GitHub Exploit DB Packet Storm