Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252601	6.4	警告	オラクル	-	Oracle JD Edwards EnterpriseOne Tools および OneWorld Tools における脆弱性	CWE-noinfo 情報不足	CVE-2011-0824	2011-05-13 11:27	2011-04-19	Show	GitHub Exploit DB Packet Storm

252602	5	警告	オラクル	-	Oracle JD Edwards EnterpriseOne Tools および OneWorld Tools における脆弱性	CWE-noinfo 情報不足	CVE-2011-0823	2011-05-13 11:26	2011-04-19	Show	GitHub Exploit DB Packet Storm

252603	3	注意	オラクル	-	Oracle Solaris における uucp の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-0821	2011-05-13 11:25	2011-04-19	Show	GitHub Exploit DB Packet Storm

252604	5.4	警告	オラクル	-	Oracle Solaris における Kernel の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-0820	2011-05-13 11:24	2011-04-19	Show	GitHub Exploit DB Packet Storm

252605	5	警告	オラクル	-	Oracle JD Edwards EnterpriseOne Tools および OneWorld Tools における脆弱性	CWE-noinfo 情報不足	CVE-2011-0819	2011-05-13 11:23	2011-04-19	Show	GitHub Exploit DB Packet Storm

252606	5	警告	オラクル	-	Oracle JD Edwards EnterpriseOne Tools および OneWorld Tools における脆弱性	CWE-noinfo 情報不足	CVE-2011-0818	2011-05-13 11:21	2011-04-19	Show	GitHub Exploit DB Packet Storm

252607	4.9	警告	オラクル	-	Oracle Solaris における Kernel の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-0813	2011-05-13 11:19	2011-04-19	Show	GitHub Exploit DB Packet Storm

252608	3.7	注意	オラクル	-	Oracle Solaris における Kernel の処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2011-0812	2011-05-13 11:03	2011-04-19	Show	GitHub Exploit DB Packet Storm

252609	5	警告	オラクル	-	Oracle JD Edwards EnterpriseOne Tools および OneWorld Tools における脆弱性	CWE-noinfo 情報不足	CVE-2011-0810	2011-05-13 11:02	2011-04-19	Show	GitHub Exploit DB Packet Storm

252610	4.3	警告	オラクル	-	Oracle E-Business Suite の Web ADI コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2011-0809	2011-05-13 11:01	2011-04-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
253441	7.8	HIGH Local	icinga	icinga	Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account (and similarly can have etc/icinga.cfg owned by a…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2017-16882	2024-11-21 12:17	2017-11-19	Show	GitHub Exploit DB Packet Storm

253442	6.1	MEDIUM Network	symphony_project	symphony	b3log Symphony (aka Sym) 2.2.0 does not properly address XSS in JSON objects, as demonstrated by a crafted userAvatarURL value to /settings/avatar, related to processor/AdminProcessor.java, processor…	CWE-79 Cross-site Scripting	CVE-2017-16881	2024-11-21 12:17	2017-11-18	Show	GitHub Exploit DB Packet Storm

253443	6.1	MEDIUM Network	whoops_project	whoops	The dump function in Util/TemplateHelper.php in filp whoops before 2.1.13 has XSS.	CWE-79 Cross-site Scripting	CVE-2017-16880	2024-11-21 12:17	2017-11-18	Show	GitHub Exploit DB Packet Storm

253444	10.0	CRITICAL Network	qemu debian canonical	qemu debian_linux ubuntu_linux	hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.	CWE-20 Improper Input Validation	CVE-2017-16845	2024-11-21 12:17	2017-11-18	Show	GitHub Exploit DB Packet Storm

253445	7.5	HIGH Network	zeit	next.js	ZEIT Next.js before 2.4.1 has directory traversal under the /_next and /static request namespace, allowing attackers to obtain sensitive information.	CWE-22 Path Traversal	CVE-2017-16877	2024-11-21 12:17	2017-11-18	Show	GitHub Exploit DB Packet Storm

253446	5.4	MEDIUM Network	icontime	rtc-1000_firmware	A stored cross-site scripting vulnerability in the Icon Time Systems RTC-1000 v2.5.7458 and earlier time clock allows remote attackers to inject arbitrary JavaScript in the nameFirst (aka First Name)…	CWE-79 Cross-site Scripting	CVE-2017-16819	2024-11-21 12:17	2017-11-18	Show	GitHub Exploit DB Packet Storm

253447	7.5	HIGH Network	teluu	pjsip	An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. The ioqueue component may issue a double key unregistration after an attacker initiates a socket connection wi…	NVD-CWE-noinfo	CVE-2017-16875	2024-11-21 12:17	2017-11-18	Show	GitHub Exploit DB Packet Storm

253448	9.8	CRITICAL Network	teluu debian	pjsip debian_linux	An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. Parsing the numeric header fields in a SIP message (like cseq, ttl, port, etc.) all had the potential to overf…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-16872	2024-11-21 12:17	2017-11-17	Show	GitHub Exploit DB Packet Storm

253449	8.1	HIGH Network	updraftplus	updraftplus	The UpdraftPlus plugin through 1.13.12 for WordPress allows remote PHP code execution because the plupload_action function in /wp-content/plugins/updraftplus/admin.php has a race condition before del…	CWE-94 Code Injection	CVE-2017-16871	2024-11-21 12:17	2017-11-17	Show	GitHub Exploit DB Packet Storm

253450	8.1	HIGH Network	updraftplus	updraftplus	The UpdraftPlus plugin through 1.13.12 for WordPress has SSRF in the updraft_ajax_handler function in /wp-content/plugins/updraftplus/admin.php via an httpget subaction. NOTE: the vendor reports that…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2017-16870	2024-11-21 12:17	2017-11-17	Show	GitHub Exploit DB Packet Storm