Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254631	5	警告	オラクル	-	Oracle Application Server の Access Manager Identity Server コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0066	2010-02-15 19:31	2010-01-12	Show	GitHub Exploit DB Packet Storm

254632	7.8	危険	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の e1000_clean_rx_irq 関数における整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-1385	2010-02-15 11:03	2009-06-4	Show	GitHub Exploit DB Packet Storm

254633	4.6	警告	サイバートラスト株式会社 Todd C. Miller	-	sudo の Perl スクリプト実行時における権限昇格の脆弱性	-	CVE-2005-4158	2010-02-15 11:03	2005-11-8	Show	GitHub Exploit DB Packet Storm

254634	1	注意	オラクル	-	Oracle Database および Oracle Application Server の Unzip コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3412	2010-02-12 12:22	2010-01-12	Show	GitHub Exploit DB Packet Storm

254635	3.2	注意	オラクル	-	Oracle Database の Oracle Spatial コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3413	2010-02-12 12:22	2010-01-12	Show	GitHub Exploit DB Packet Storm

254636	3.6	注意	オラクル	-	Oracle Database の RDBMS コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3410	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

254637	4	警告	オラクル	-	Oracle Database の Logical Standby コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-1996	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

254638	4.9	警告	オラクル	-	Oracle Database の Oracle Spatial コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3414	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

254639	4.9	警告	オラクル	-	Oracle Database の Oracle Data Pump コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3411	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

254640	6	警告	オラクル	-	Oracle Database の Application Express Application Builder コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-0076	2010-02-12 12:21	2010-01-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
252701	6.1	MEDIUM Network	punkave	sanitize-html	Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios: If allowed at least one nonTextTa…	CWE-79 Cross-site Scripting	CVE-2017-16016	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

252702	6.1	MEDIUM Network	forms_project	forms	Forms is a library for easily creating HTML forms. Versions before 1.3.0 did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms m…	CWE-79 Cross-site Scripting	CVE-2017-16015	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

252703	7.5	HIGH Network	http-proxy_project	http-proxy	Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.	CWE-388 7PK - Errors	CVE-2017-16014	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

252704	7.5	HIGH Network	hapijs	hapi	hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed `accept-encoding` header an uncaught exception is thrown. This may cause hapi to crash or to han…	CWE-20 Improper Input Validation	CVE-2017-16013	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

252705	6.1	MEDIUM Network	ag-grid	ag-grid	ag-grid is an advanced data grid that is library agnostic. ag-grid is vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if AngularJS is used in combination with ag-grid.	CWE-79 Cross-site Scripting	CVE-2017-16009	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

252706	6.1	MEDIUM Network	i18next	i18next	i18next is a language translation framework. Because of how the interpolation is implemented, making replacements from the dictionary one at a time, untrusted user input can use the name of one of th…	CWE-79 Cross-site Scripting	CVE-2017-16008	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

252707	5.9	MEDIUM Network	cisco	node-jose	node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers. node-jose earlier than version 0.9.3 is vulnerable to an …	NVD-CWE-noinfo	CVE-2017-16007	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

252708	6.1	MEDIUM Network	remarkable_project	remarkable	Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of `data:` URIs in links and can therefore execute javascript.	CWE-79 Cross-site Scripting	CVE-2017-16006	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

252709	7.5	HIGH Network	joyent	http-signature	Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signatur…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2017-16005	2024-11-21 12:15	2018-06-5	Show	GitHub Exploit DB Packet Storm

252710	7.5	HIGH Network	gaoxuyan_project	gaoxuyan	gaoxuyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.	CWE-22 Path Traversal	CVE-2017-16153	2024-11-21 12:15	2018-05-30	Show	GitHub Exploit DB Packet Storm