Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
258741 4.3 警告 オラクル - Oracle Fusion Middleware の Portal コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0798 2011-05-12 10:46 2011-04-19 Show GitHub Exploit DB Packet Storm
258742 3.5 注意 オラクル - Oracle Fusion Middleware の Single Sign On コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0795 2011-05-12 10:45 2011-04-19 Show GitHub Exploit DB Packet Storm
258743 1.7 注意 オラクル - Oracle Solaris における wbem の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2011-0790 2011-05-12 10:44 2011-04-19 Show GitHub Exploit DB Packet Storm
258744 4.3 警告 オラクル - Oracle Fusion Middleware の Oracle HTTP Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0789 2011-05-12 10:43 2011-04-19 Show GitHub Exploit DB Packet Storm
258745 6.1 警告 FON - La Fonera+ におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足
CVE-2011-1326 2011-05-11 12:02 2011-05-11 Show GitHub Exploit DB Packet Storm
258746 7.2 危険 シマンテック - Windows のヘルプ機能を使用するアプリケーションにおける権限昇格が可能になる問題 CWE-264
認可・権限・アクセス制御
CVE-2002-1540
CVE-2005-2017
2011-05-11 12:01 2011-05-11 Show GitHub Exploit DB Packet Storm
258747 5 警告 オラクル - Oracle Database Server の Network Foundation コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0806 2011-05-11 11:00 2011-04-19 Show GitHub Exploit DB Packet Storm
258748 4.3 警告 オラクル - Oracle Database Server の UIX コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0805 2011-05-11 10:58 2011-04-19 Show GitHub Exploit DB Packet Storm
258749 3.6 注意 オラクル - Oracle Database Server の Database Vault コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0804 2011-05-11 10:58 2011-04-19 Show GitHub Exploit DB Packet Storm
258750 6.5 警告 オラクル - Oracle Database Server の Oracle Warehouse Builder コンポーネントにおける脆弱性 CWE-noinfo
情報不足
CVE-2011-0799 2011-05-11 10:57 2011-04-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
264931 7.8 HIGH
Local
google android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (negative value) from user space can potentially lead… CWE-20
CWE-772
 Improper Input Validation 
 Missing Release of Resource after Effective Lifetime
CVE-2017-15845 2024-11-21 12:15 2018-01-11 Show GitHub Exploit DB Packet Storm
264932 7.8 HIGH
Local
google android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a LayerStack can be destroyed in between Validate and Commit by the application resulti… CWE-416
 Use After Free
CVE-2017-15849 2024-11-21 12:15 2018-01-11 Show GitHub Exploit DB Packet Storm
264933 6.1 MEDIUM
Network
paloaltonetworks pan-os Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.7, when the GlobalProtect gateway or portal is conf… CWE-79
Cross-site Scripting
CVE-2017-15941 2024-11-21 12:15 2018-01-11 Show GitHub Exploit DB Packet Storm
264934 6.1 MEDIUM
Network
apache sling_xss_protection_api
sling_xss_protection_api_compat
A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted URLs to pass as … CWE-79
Cross-site Scripting
CVE-2017-15717 2024-11-21 12:15 2018-01-10 Show GitHub Exploit DB Packet Storm
264935 9.8 CRITICAL
Network
progress sitefinity Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote attackers to bypass authentication and consequently cause a denial of service on load balanced sites or gain privileges via ve… CWE-287
Improper Authentication
CVE-2017-15883 2024-11-21 12:15 2018-01-9 Show GitHub Exploit DB Packet Storm
264936 7.8 HIGH
Local
navercorp whale The Installer in Whale allows DLL hijacking. CWE-426
 Untrusted Search Path
CVE-2017-15913 2024-11-21 12:15 2018-01-8 Show GitHub Exploit DB Packet Storm
264937 9.8 CRITICAL
Network
apache ofbiz The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape user input property passed. This allows for code injection by passing that code through the URL. For example by appending this cod… CWE-74
Injection
CVE-2017-15714 2024-11-21 12:15 2018-01-5 Show GitHub Exploit DB Packet Storm
264938 5.4 MEDIUM
Network
synology chat Multiple cross-site scripting (XSS) vulnerabilities in Slash Command Creator in Synology Chat before 2.0.0-1124 allow remote authenticated users to inject arbitrary web script or HTML via (1) COMMAND… CWE-79
Cross-site Scripting
CVE-2017-15892 2024-11-21 12:15 2017-12-29 Show GitHub Exploit DB Packet Storm
264939 6.5 MEDIUM
Network
synology chat Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat before 2.0.0-1124 allows remote authenticated users to download arbitrary local files via a crafted URI. CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2017-15886 2024-11-21 12:15 2017-12-29 Show GitHub Exploit DB Packet Storm
264940 9.8 CRITICAL
Network
sistemagpweb gpweb Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view the password and user database. CWE-732
 Incorrect Permission Assignment for Critical Resource
CVE-2017-15877 2024-11-21 12:15 2017-12-19 Show GitHub Exploit DB Packet Storm