Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252591	4.3	警告	オラクル	-	Oracle Siebel CRM の Siebel CRM Core コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-0833	2011-05-16 11:27	2011-04-19	Show	GitHub Exploit DB Packet Storm

252592	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の navigator.plugins の実装における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-2767	2011-05-16 11:09	2010-09-7	Show	GitHub Exploit DB Packet Storm

252593	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の normalizeDocument 関数における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-2766	2011-05-16 11:08	2010-09-7	Show	GitHub Exploit DB Packet Storm

252594	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の FRAMESET 要素の実装における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-2765	2011-05-16 11:07	2010-09-7	Show	GitHub Exploit DB Packet Storm

252595	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の nsTreeSelection 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-2760	2011-05-16 11:05	2010-09-7	Show	GitHub Exploit DB Packet Storm

252596	3.7	注意	オラクル	-	Oracle Solaris における LOFS の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-0839	2011-05-13 11:37	2011-04-19	Show	GitHub Exploit DB Packet Storm

252597	4.9	警告	オラクル	-	Oracle Solaris における Kernel/SPARC の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-0829	2011-05-13 11:36	2011-04-19	Show	GitHub Exploit DB Packet Storm

252598	4.3	警告	オラクル	-	Oracle PeopleSoft Enterprise の Application Portal における脆弱性	CWE-noinfo 情報不足	CVE-2011-0828	2011-05-13 11:35	2011-04-19	Show	GitHub Exploit DB Packet Storm

252599	3.5	注意	オラクル	-	Oracle PeopleSoft Products の PeopleSoft Enterprise コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-0827	2011-05-13 11:34	2011-04-19	Show	GitHub Exploit DB Packet Storm

252600	3.5	注意	オラクル	-	Oracle PeopleSoft Enterprise の Application Portal における脆弱性	CWE-noinfo 情報不足	CVE-2011-0826	2011-05-13 11:34	2011-04-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
247361	9.8	CRITICAL Network	xiongmaitech	uc-httpd	XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request.	CWE-22 Path Traversal	CVE-2017-7577	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

247362	8.8	HIGH Network	pivotx	pivotx	PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to ch…	CWE-94 Code Injection	CVE-2017-7570	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

247363	9.8	CRITICAL Network	dragonwavex	horizon_wireless_radio_firmware	DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username of energetic and password of wireless) meant to allow the vendor to access the devices. These credent…	CWE-798 Use of Hard-coded Credentials	CVE-2017-7576	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

247364	9.8	CRITICAL Network	schneider-electric	modicon_tm221ce16r_firmware	Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus p…	CWE-200 Information Exposure	CVE-2017-7575	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

247365	9.8	CRITICAL Network	schneider-electric	modicon_tm221ce16r_firmware somachine	Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized…	CWE-798 Use of Hard-coded Credentials	CVE-2017-7574	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

247366	8.0	HIGH Network	ladybirdweb	faveo_helpdesk	public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges.	CWE-352 Origin Validation Error	CVE-2017-7571	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

247367	8.6	HIGH Network	vbulletin	vbulletin	In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2017-7569	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

247368	7.7	HIGH Network	mybb	mybb	MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2017-7566	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

247369	8.8	HIGH Network	splunk	hadoop_connect	Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041.	CWE-22 Path Traversal	CVE-2017-7565	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

247370	8.1	HIGH Network	backintime_project	backintime	The _checkPolkitPrivilege function in serviceHelper.py in Back In Time (aka backintime) 1.1.18 and earlier uses a deprecated polkit authorization method (unix-process) that is subject to a race condi…	CWE-362 Race Condition	CVE-2017-7572	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm