Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
257991 3.5 注意 オラクル - Oracle E-Business Suite の Oracle Workflow Cartridge コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0857 2010-05-13 15:10 2010-04-13 Show GitHub Exploit DB Packet Storm
257992 3.5 注意 オラクル - Oracle E-Business Suite の E-Business Intelligence コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0858 2010-05-13 15:10 2010-04-13 Show GitHub Exploit DB Packet Storm
257993 4.3 警告 オラクル - Oracle E-Business Suite の Oracle Transportation Management コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0869 2010-05-13 15:10 2010-04-13 Show GitHub Exploit DB Packet Storm
257994 4.3 警告 オラクル - Oracle E-Business Suite の Oracle Agile Engineering Data Management コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0871 2010-05-13 15:10 2010-04-13 Show GitHub Exploit DB Packet Storm
257995 4.3 警告 オラクル - Oracle E-Business Suite の Oracle Agile Engineering Data Management コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0865 2010-05-13 15:09 2010-04-13 Show GitHub Exploit DB Packet Storm
257996 5 警告 オラクル - Oracle E-Business Suite の Oracle HRMS (Self Service) コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0861 2010-05-13 15:09 2010-04-13 Show GitHub Exploit DB Packet Storm
257997 7.6 危険 マイクロソフト - Internet Explorer において VBScript および Windows Help を使用する際に任意のコードが実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0483 2010-05-12 15:20 2010-03-2 Show GitHub Exploit DB Packet Storm
257998 7.1 危険 マイクロソフト - Microsoft Windows の kernel における SMB 応答パケットの処理に関するサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-3676 2010-05-12 15:20 2009-11-13 Show GitHub Exploit DB Packet Storm
257999 5.8 警告 オラクル - Oracle E-Business Suite の Oracle iStore コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0868 2010-05-12 15:19 2010-04-13 Show GitHub Exploit DB Packet Storm
258000 6.4 警告 オラクル - Oracle E-Business Suite の Oracle Application Object Library コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0859 2010-05-12 15:19 2010-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266541 8.8 HIGH
Network 		dotcms dotcms SQL injection vulnerability in the JSONTags servlet in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the sort parameter. CWE-89
SQL Injection 		CVE-2016-8905 2024-11-21 12:00 2016-11-15 Show GitHub Exploit DB Packet Storm
266542 8.8 HIGH
Network 		dotcms dotcms SQL injection vulnerability in the "Site Browser > Containers pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. CWE-89
SQL Injection 		CVE-2016-8904 2024-11-21 12:00 2016-11-15 Show GitHub Exploit DB Packet Storm
266543 8.8 HIGH
Network 		dotcms dotcms SQL injection vulnerability in the "Site Browser > Templates pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. CWE-89
SQL Injection 		CVE-2016-8903 2024-11-21 12:00 2016-11-15 Show GitHub Exploit DB Packet Storm
266544 9.8 CRITICAL
Network 		dotcms dotcms SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote not authenticated attackers to execute arbitrary SQL commands via the sort parameter. CWE-89
SQL Injection 		CVE-2016-8902 2024-11-21 12:00 2016-11-15 Show GitHub Exploit DB Packet Storm
266545 7.5 HIGH
Network 		7-zip p7zip A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams… CWE-476
 NULL Pointer Dereference 		CVE-2016-9296 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
266546 7.5 HIGH
Network 		artifex mujs Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allows context-dependent attackers to conduct "denial of service (application crash)" attacks by using the "malformed label… CWE-476
 NULL Pointer Dereference 		CVE-2016-9294 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
266547 9.8 CRITICAL
Network 		exponentcms exponent_cms In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration whic… CWE-89
SQL Injection 		CVE-2016-9288 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
266548 5.3 MEDIUM
Network 		exponentcms exponent_cms framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not properly restrict access to user records, which allows remote attackers to read address information, as d… CWE-200
Information Exposure 		CVE-2016-9286 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
266549 5.3 MEDIUM
Network 		exponentcms exponent_cms framework/modules/addressbook/controllers/addressController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via a modified id number, as demonstrated by address/edit/id/1,… CWE-200
Information Exposure 		CVE-2016-9285 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm
266550 5.3 MEDIUM
Network 		exponentcms exponent_cms getUsersByJSON in framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via users/getUsersByJSON/sort/ and a trailing string. CWE-200
Information Exposure 		CVE-2016-9284 2024-11-21 12:00 2016-11-12 Show GitHub Exploit DB Packet Storm