Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255391 2.6 注意 オラクル - Oracle E-Business Suite の Oracle Knowledge Management コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0836 2010-08-5 16:36 2010-07-13 Show GitHub Exploit DB Packet Storm
255392 3.5 注意 オラクル - Oracle E-Business Suite の Oracle Applications Framework コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0909 2010-08-5 16:35 2010-07-13 Show GitHub Exploit DB Packet Storm
255393 4.3 警告 オラクル - Oracle E-Business Suite の Oracle Applications Manager コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0913 2010-08-5 16:35 2010-07-13 Show GitHub Exploit DB Packet Storm
255394 4.3 警告 オラクル - Oracle E-Business Suite の Oracle Applications Manager コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0905 2010-08-5 16:35 2010-07-13 Show GitHub Exploit DB Packet Storm
255395 4.3 警告 オラクル - Oracle E-Business Suite の Oracle Applications Framework コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0912 2010-08-5 16:35 2010-07-13 Show GitHub Exploit DB Packet Storm
255396 5.5 警告 オラクル - Oracle E-Business Suite の Oracle Advanced Product Catalog コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0915 2010-08-5 16:34 2010-07-13 Show GitHub Exploit DB Packet Storm
255397 7.5 危険 オラクル - Oracle E-Business Suite の Oracle Applications Framework コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0908 2010-08-5 16:34 2010-07-13 Show GitHub Exploit DB Packet Storm
255398 4.3 警告 オラクル - Oracle Enterprise Manager Grid Control の Console コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-2373 2010-08-5 16:33 2010-07-13 Show GitHub Exploit DB Packet Storm
255399 4.3 警告 オラクル - Oracle Fusion Middleware の Oracle Business Process Management コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-2370 2010-08-5 16:33 2010-07-13 Show GitHub Exploit DB Packet Storm
255400 5 警告 オラクル - Oracle Secure Backup における脆弱性 CWE-noinfo
情報不足 		CVE-2010-0904 2010-08-5 16:33 2010-07-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
273921 9.8 CRITICAL
Network 		eclinicalworks population_health eClinicalWorks Population Health (CCMR) suffers from a session fixation vulnerability. When authenticating a user, the application does not assign a new session ID, making it possible to use an exist… CWE-284
CWE-384
Improper Access Control
 Session Fixation 		CVE-2015-4594 2024-11-21 11:31 2017-01-11 Show GitHub Exploit DB Packet Storm
273922 8.8 HIGH
Network 		eclinicalworks population_health eClinicalWorks Population Health (CCMR) suffers from a cross-site request forgery (CSRF) vulnerability in portalUserService.jsp which allows remote attackers to hijack the authentication of content a… CWE-352
 Origin Validation Error 		CVE-2015-4593 2024-11-21 11:31 2017-01-11 Show GitHub Exploit DB Packet Storm
273923 8.8 HIGH
Network 		eclinicalworks population_health eClinicalWorks Population Health (CCMR) suffers from an SQL injection vulnerability in portalUserService.jsp which allows remote authenticated users to inject arbitrary malicious database commands as… CWE-89
SQL Injection 		CVE-2015-4592 2024-11-21 11:31 2017-01-11 Show GitHub Exploit DB Packet Storm
273924 6.1 MEDIUM
Network 		eclinicalworks population_health eClinicalWorks Population Health (CCMR) suffers from a cross site scripting vulnerability in login.jsp which allows remote unauthenticated users to inject arbitrary javascript via the strMessage para… CWE-79
Cross-site Scripting 		CVE-2015-4591 2024-11-21 11:31 2017-01-11 Show GitHub Exploit DB Packet Storm
273925 7.5 HIGH
Network 		redhat
php 		enterprise_linux
php 		The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table nam… NVD-CWE-Other
CVE-2015-4644 2024-11-21 11:31 2016-05-16 Show GitHub Exploit DB Packet Storm
273926 9.8 CRITICAL
Network 		php
debian
redhat
oracle 		php
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
enterprise_linux_server_tus… 		Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply t… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-4643 2024-11-21 11:31 2016-05-16 Show GitHub Exploit DB Packet Storm
273927 9.8 CRITICAL
Network 		php php The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 on Windows allows remote attackers to execute arbitrary OS commands via a crafted… CWE-78
OS Command  		CVE-2015-4642 2024-11-21 11:31 2016-05-16 Show GitHub Exploit DB Packet Storm
273928 9.8 CRITICAL
Network 		php
redhat 		php
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_linux_server_eus
enterprise_linux_hpc_node_eus
enterprise_l… 		The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpecte… NVD-CWE-Other
CVE-2015-4603 2024-11-21 11:31 2016-05-16 Show GitHub Exploit DB Packet Storm
273929 7.5 HIGH
Network 		php
redhat 		php
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_linux_server_eus
enterprise_linux_hpc_node_eus
enterprise_l… 		The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, … CWE-20
 Improper Input Validation  		CVE-2015-4605 2024-11-21 11:31 2016-05-16 Show GitHub Exploit DB Packet Storm
273930 7.5 HIGH
Network 		php
redhat 		php
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_linux_server_eus
enterprise_linux_hpc_node_eus
enterprise_l… 		The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relatio… CWE-20
 Improper Input Validation  		CVE-2015-4604 2024-11-21 11:31 2016-05-16 Show GitHub Exploit DB Packet Storm