Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253881 3.2 注意 オラクル - Oracle Database の Oracle Spatial コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3413 2010-02-12 12:22 2010-01-12 Show GitHub Exploit DB Packet Storm
253882 3.6 注意 オラクル - Oracle Database の RDBMS コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3410 2010-02-12 12:21 2010-01-12 Show GitHub Exploit DB Packet Storm
253883 4 警告 オラクル - Oracle Database の Logical Standby コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-1996 2010-02-12 12:21 2010-01-12 Show GitHub Exploit DB Packet Storm
253884 4.9 警告 オラクル - Oracle Database の Oracle Spatial コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3414 2010-02-12 12:21 2010-01-12 Show GitHub Exploit DB Packet Storm
253885 4.9 警告 オラクル - Oracle Database の Oracle Data Pump コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3411 2010-02-12 12:21 2010-01-12 Show GitHub Exploit DB Packet Storm
253886 6 警告 オラクル - Oracle Database の Application Express Application Builder コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0076 2010-02-12 12:21 2010-01-12 Show GitHub Exploit DB Packet Storm
253887 9 危険 オラクル - Oracle Database の Oracle OLAP コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3415 2010-02-12 12:20 2010-01-12 Show GitHub Exploit DB Packet Storm
253888 10 危険 オラクル - Oracle Database の Listener コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0071 2010-02-12 12:20 2010-01-12 Show GitHub Exploit DB Packet Storm
253889 5 警告 Pidgin
Adium
レッドハット		 - Pidgin および Adium の MSN プロトコルプラグインにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-0013 2010-02-10 13:39 2010-01-8 Show GitHub Exploit DB Packet Storm
253890 10 危険 アドビシステムズ
レッドハット		 - Adobe Reader および Acrobat の U3D 実装における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2009-3959 2010-02-10 13:39 2010-01-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
250061 6.1 MEDIUM
Network 		avantfax avantfax AvantFAX 3.3.3 has XSS via an arbitrary parameter name to the default URI, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1. CWE-79
Cross-site Scripting 		CVE-2017-18024 2024-11-21 12:19 2018-01-11 Show GitHub Exploit DB Packet Storm
250062 6.1 MEDIUM
Network 		officetracker officetracker Office Tracker 11.2.5 has XSS via the logincount parameter to the /otweb/OTPClientLogin URI. CWE-79
Cross-site Scripting 		CVE-2017-18023 2024-11-21 12:19 2018-01-11 Show GitHub Exploit DB Packet Storm
250063 8.8 HIGH
Network 		redmine
debian 		redmine
debian_linux 		Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary comma… NVD-CWE-noinfo
CVE-2017-18026 2024-11-21 12:19 2018-01-10 Show GitHub Exploit DB Packet Storm
250064 9.8 CRITICAL
Network 		innotube itguard_manager cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning… CWE-78
OS Command  		CVE-2017-18025 2024-11-21 12:19 2018-01-9 Show GitHub Exploit DB Packet Storm
250065 6.5 MEDIUM
Network 		imagemagick
canonical 		imagemagick
ubuntu_linux 		In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c. CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2017-18022 2024-11-21 12:19 2018-01-6 Show GitHub Exploit DB Packet Storm
250066 9.8 CRITICAL
Network 		qtpass qtpass It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI. CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2017-18021 2024-11-21 12:19 2018-01-6 Show GitHub Exploit DB Packet Storm
250067 8.4 HIGH
Local 		samsung samsung_mobile On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs… CWE-20
 Improper Input Validation  		CVE-2017-18020 2024-11-21 12:19 2018-01-4 Show GitHub Exploit DB Packet Storm
250068 7.1 HIGH
Local 		k7computing total_security In K7 Total Security before 15.1.0.305, user-controlled input to the K7Sentry device is not sufficiently sanitized: the user-controlled input can be used to compare an arbitrary memory address with a… CWE-20
 Improper Input Validation  		CVE-2017-18019 2024-11-21 12:19 2018-01-4 Show GitHub Exploit DB Packet Storm
250069 4.7 MEDIUM
Local 		gnu coreutils In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify … CWE-362
Race Condition 		CVE-2017-18018 2024-11-21 12:19 2018-01-4 Show GitHub Exploit DB Packet Storm
250070 9.8 CRITICAL
Network 		linux
debian
arista
f5
suse
opensuse
openstack
canonical
redhat 		linux_kernel
debian_linux
eos
arx
linux_enterprise_server
linux_enterprise_software_development_kit
linux_enterprise_debuginfo
linux_enterprise_desktop
linux_enterprise_real_t… 		The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memor… CWE-416
 Use After Free 		CVE-2017-18017 2024-11-21 12:19 2018-01-3 Show GitHub Exploit DB Packet Storm