Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255691 5 警告 オラクル - BEA Product Suite の WebLogic Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0074 2010-02-15 19:32 2010-01-12 Show GitHub Exploit DB Packet Storm
255692 5 警告 オラクル - BEA Product Suite の WebLogic Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0068 2010-02-15 19:32 2010-01-12 Show GitHub Exploit DB Packet Storm
255693 4.3 警告 オラクル - Oracle Application Server の J2EE コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0070 2010-02-15 19:31 2010-01-12 Show GitHub Exploit DB Packet Storm
255694 5 警告 オラクル - Oracle Application Server の J2EE コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0067 2010-02-15 19:31 2010-01-12 Show GitHub Exploit DB Packet Storm
255695 5 警告 オラクル - Oracle Application Server の Access Manager Identity Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0066 2010-02-15 19:31 2010-01-12 Show GitHub Exploit DB Packet Storm
255696 7.8 危険 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の e1000_clean_rx_irq 関数における整数アンダーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-1385 2010-02-15 11:03 2009-06-4 Show GitHub Exploit DB Packet Storm
255697 4.6 警告 サイバートラスト株式会社
Todd C. Miller		 - sudo の Perl スクリプト実行時における権限昇格の脆弱性 - CVE-2005-4158 2010-02-15 11:03 2005-11-8 Show GitHub Exploit DB Packet Storm
255698 1 注意 オラクル - Oracle Database および Oracle Application Server の Unzip コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3412 2010-02-12 12:22 2010-01-12 Show GitHub Exploit DB Packet Storm
255699 3.2 注意 オラクル - Oracle Database の Oracle Spatial コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3413 2010-02-12 12:22 2010-01-12 Show GitHub Exploit DB Packet Storm
255700 3.6 注意 オラクル - Oracle Database の RDBMS コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3410 2010-02-12 12:21 2010-01-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
258301 9.8 CRITICAL
Network 		medhost connex MEDHOST Connex contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the da… CWE-798
 Use of Hard-coded Credentials 		CVE-2017-11614 2024-11-21 12:08 2017-07-26 Show GitHub Exploit DB Packet Storm
258302 7.8 HIGH
Local 		appsec-labs appuse AppUse 4.0 allows shell command injection via a proxy field. CWE-78
OS Command  		CVE-2017-11566 2024-11-21 12:08 2017-07-26 Show GitHub Exploit DB Packet Storm
258303 6.5 MEDIUM
Network 		libsass libsass There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack. CWE-125
Out-of-bounds Read 		CVE-2017-11608 2024-11-21 12:08 2017-07-24 Show GitHub Exploit DB Packet Storm
258304 6.5 MEDIUM
Network 		libsass libsass There is a heap based buffer over-read in LibSass 3.4.5, related to address 0xb4803ea1. A crafted input will lead to a remote denial of service attack. CWE-125
Out-of-bounds Read 		CVE-2017-11605 2024-11-21 12:08 2017-07-24 Show GitHub Exploit DB Packet Storm
258305 7.0 HIGH
Local 		linux linux_kernel net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local… CWE-125
Out-of-bounds Read 		CVE-2017-11600 2024-11-21 12:08 2017-07-24 Show GitHub Exploit DB Packet Storm
258306 5.4 MEDIUM
Network 		loomio loomio Cross-site scripting (XSS) vulnerability in the Markdown parser in Loomio before 1.8.0 allows remote attackers to inject arbitrary web script or HTML via non-sanitized Markdown content in a new threa… CWE-79
Cross-site Scripting 		CVE-2017-11594 2024-11-21 12:08 2017-07-24 Show GitHub Exploit DB Packet Storm
258307 6.1 MEDIUM
Network 		ooso markdown_preview_plus Cross-site scripting (XSS) vulnerability in the Markdown Preview Plus extension before 0.5.7 for Chrome allows remote attackers to inject arbitrary web script or HTML into some web applications via t… CWE-79
Cross-site Scripting 		CVE-2017-11593 2024-11-21 12:08 2017-07-24 Show GitHub Exploit DB Packet Storm
258308 7.5 HIGH
Network 		exiv2 exiv2 There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via craft… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-11592 2024-11-21 12:08 2017-07-24 Show GitHub Exploit DB Packet Storm
258309 7.5 HIGH
Network 		exiv2
canonical
debian 		exiv2
ubuntu_linux
debian_linux 		There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. NVD-CWE-noinfo
CVE-2017-11591 2024-11-21 12:08 2017-07-24 Show GitHub Exploit DB Packet Storm
258310 7.5 HIGH
Network 		gnome libgxps There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack. CWE-476
 NULL Pointer Dereference 		CVE-2017-11590 2024-11-21 12:08 2017-07-24 Show GitHub Exploit DB Packet Storm