Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
255961 4.3 警告 オラクル - Oracle Industry Product Suite の Retail - Oracle Retail Plan In-Season コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0863 2010-05-13 15:13 2010-04-13 Show GitHub Exploit DB Packet Storm
255962 4.3 警告 オラクル - Oracle Industry Product Suite の Retail - Oracle Retail Place In-Season コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0864 2010-05-13 15:13 2010-04-13 Show GitHub Exploit DB Packet Storm
255963 4.3 警告 オラクル - Oracle Industry Product Suite の Retail - Oracle Retail Markdown Optimization コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0862 2010-05-13 15:13 2010-04-13 Show GitHub Exploit DB Packet Storm
255964 4.3 警告 オラクル - Oracle Industry Product Suite の Life Sciences - Oracle Thesaurus Management System コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0875 2010-05-13 15:12 2010-04-13 Show GitHub Exploit DB Packet Storm
255965 4.3 警告 オラクル - Oracle Industry Product Suite の Life Sciences - Oracle Clinical Remote Data Capture Option コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0876 2010-05-13 15:12 2010-04-13 Show GitHub Exploit DB Packet Storm
255966 4.3 警告 オラクル - Oracle Industry Product Suite の Communications - Oracle Communications Unified Inventory Management コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0874 2010-05-13 15:12 2010-04-13 Show GitHub Exploit DB Packet Storm
255967 4 警告 オラクル - 複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0879 2010-05-13 15:12 2010-04-13 Show GitHub Exploit DB Packet Storm
255968 4 警告 オラクル - 複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0878 2010-05-13 15:11 2010-04-13 Show GitHub Exploit DB Packet Storm
255969 5 警告 オラクル - 複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0877 2010-05-13 15:11 2010-04-13 Show GitHub Exploit DB Packet Storm
255970 4 警告 オラクル - 複数の Oracle 製品の PeopleTools コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0880 2010-05-13 15:11 2010-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 20, 2026, 4:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
247441 7.8 HIGH
Local 		linux linux_kernel The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial … CWE-125
Out-of-bounds Read 		CVE-2017-9074 2024-11-21 12:35 2017-05-19 Show GitHub Exploit DB Packet Storm
247442 6.1 MEDIUM
Network 		calendarxp popcalendarxp
flatcalendarxp 		Two CalendarXP products have XSS in common parts of HTML files. CalendarXP FlatCalendarXP through 9.9.290 has XSS in iflateng.htm and nflateng.htm. CalendarXP PopCalendarXP through 9.8.308 has XSS in… CWE-79
Cross-site Scripting 		CVE-2017-9072 2024-11-21 12:35 2017-05-19 Show GitHub Exploit DB Packet Storm
247443 4.7 MEDIUM
Network 		modx modx_revolution In MODX Revolution before 2.5.7, an attacker might be able to trigger XSS by injecting a payload into the HTTP Host header of a request. This is exploitable only in conjunction with other issues such… CWE-79
Cross-site Scripting 		CVE-2017-9071 2024-11-21 12:35 2017-05-19 Show GitHub Exploit DB Packet Storm
247444 5.4 MEDIUM
Network 		modx modx_revolution In MODX Revolution before 2.5.7, a user with resource edit permissions can inject an XSS payload into the title of any post via the pagetitle parameter to connectors/index.php. CWE-79
Cross-site Scripting 		CVE-2017-9070 2024-11-21 12:35 2017-05-19 Show GitHub Exploit DB Packet Storm
247445 8.8 HIGH
Network 		modx modx_revolution In MODX Revolution before 2.5.7, a user with file upload permissions is able to execute arbitrary code by uploading a file with the name .htaccess. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2017-9069 2024-11-21 12:35 2017-05-19 Show GitHub Exploit DB Packet Storm
247446 6.1 MEDIUM
Network 		modx modx_revolution In MODX Revolution before 2.5.7, an attacker is able to trigger Reflected XSS by injecting payloads into several fields on the setup page, as demonstrated by the database_type parameter. CWE-79
Cross-site Scripting 		CVE-2017-9068 2024-11-21 12:35 2017-05-19 Show GitHub Exploit DB Packet Storm
247447 7.0 HIGH
Local 		modx
php 		modx_revolution
php 		In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker is able to include and execute arbitrary files on the web server due to insufficient validation of the action parameter to setup/i… CWE-22
Path Traversal 		CVE-2017-9067 2024-11-21 12:35 2017-05-19 Show GitHub Exploit DB Packet Storm
247448 8.6 HIGH
Network 		wordpress
debian 		wordpress
debian_linux 		In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2017-9066 2024-11-21 12:35 2017-05-18 Show GitHub Exploit DB Packet Storm
247449 7.5 HIGH
Network 		wordpress
debian 		wordpress
debian_linux 		In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API. CWE-20
 Improper Input Validation  		CVE-2017-9065 2024-11-21 12:35 2017-05-18 Show GitHub Exploit DB Packet Storm
247450 8.8 HIGH
Network 		wordpress
debian 		wordpress
debian_linux 		In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials. CWE-352
 Origin Validation Error 		CVE-2017-9064 2024-11-21 12:35 2017-05-18 Show GitHub Exploit DB Packet Storm