Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255701 4 警告 オラクル - Oracle Database の Logical Standby コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-1996 2010-02-12 12:21 2010-01-12 Show GitHub Exploit DB Packet Storm
255702 4.9 警告 オラクル - Oracle Database の Oracle Spatial コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3414 2010-02-12 12:21 2010-01-12 Show GitHub Exploit DB Packet Storm
255703 4.9 警告 オラクル - Oracle Database の Oracle Data Pump コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3411 2010-02-12 12:21 2010-01-12 Show GitHub Exploit DB Packet Storm
255704 6 警告 オラクル - Oracle Database の Application Express Application Builder コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0076 2010-02-12 12:21 2010-01-12 Show GitHub Exploit DB Packet Storm
255705 9 危険 オラクル - Oracle Database の Oracle OLAP コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3415 2010-02-12 12:20 2010-01-12 Show GitHub Exploit DB Packet Storm
255706 10 危険 オラクル - Oracle Database の Listener コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0071 2010-02-12 12:20 2010-01-12 Show GitHub Exploit DB Packet Storm
255707 5 警告 Pidgin
Adium
レッドハット		 - Pidgin および Adium の MSN プロトコルプラグインにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-0013 2010-02-10 13:39 2010-01-8 Show GitHub Exploit DB Packet Storm
255708 10 危険 アドビシステムズ
レッドハット		 - Adobe Reader および Acrobat の U3D 実装における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2009-3959 2010-02-10 13:39 2010-01-12 Show GitHub Exploit DB Packet Storm
255709 10 危険 アドビシステムズ - Adobe Reader および Acrobat のダウンロードマネージャーにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-3958 2010-02-10 13:39 2010-01-12 Show GitHub Exploit DB Packet Storm
255710 5 警告 アドビシステムズ - Adobe Reader および Acrobat におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-3957 2010-02-10 13:39 2010-01-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
293501 - fortinet fortigate-3140b
fortigate-60c
fortigate-3040b
fortigate-300c
fortigate-600c
fortigate-5001a-sw
fortigate-3240c
fortigate-310b
fortigate-800c
fortigate-5020
fortigate-100… 		The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier … CWE-295
Improper Certificate Validation  		CVE-2012-4948 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293502 - ibm websphere_application_server Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hij… CWE-352
 Origin Validation Error 		CVE-2012-4853 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293503 - ibm websphere_application_server Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. CWE-79
Cross-site Scripting 		CVE-2012-4851 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293504 - ibm websphere_application_server IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1, when JAX-RS is used, does not properly validate requests, which allows remote attackers to gain privileges via unspecified vectors. CWE-20
 Improper Input Validation  		CVE-2012-4850 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293505 - ibm cognos_business_intelligence IBM Cognos Business Intelligence (BI) 8.4 and 8.4.1 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted request containing a zero-valued byte. CWE-189
Numeric Errors 		CVE-2012-4847 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293506 - microsoft .net_framework The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary c… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4777 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293507 - microsoft .net_framework The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy setting… CWE-20
 Improper Input Validation  		CVE-2012-4776 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293508 - microsoft internet_explorer Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability." CWE-399
 Resource Management Errors 		CVE-2012-4775 2024-11-21 10:43 2012-11-14 Show GitHub Exploit DB Packet Storm
293509 - bestpractical rt Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG clie… CWE-94
Code Injection 		CVE-2012-4884 2024-11-21 10:43 2012-11-11 Show GitHub Exploit DB Packet Storm
293510 - bestpractical rt Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "mod… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-4734 2024-11-21 10:43 2012-11-11 Show GitHub Exploit DB Packet Storm