Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
601	8.2	重要 Local	オラクル	Oracle VM VirtualBox	オラクルのOracle VM VirtualBoxにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-21956	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

602	7.5	重要 Local	オラクル	Oracle VM VirtualBox	オラクルのOracle VM VirtualBoxにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-21957	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

603	4.9	警告 Network	オラクル	Oracle Workflow	オラクルのOracle Workflowにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-21959	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

604	6.5	警告 Network	オラクル	Oracle Applications DBA	オラクルのOracle Applications DBAにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-21960	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

605	10	緊急 Network	オラクル	Oracle Weblogic Server Proxy Plug-in Oracle HTTP Server	オラクルのOracle HTTP Server等の複数製品におけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-21962	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

606	6	警告 Local	オラクル	Oracle VM VirtualBox	オラクルのOracle VM VirtualBoxにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-21963	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

607	4.9	警告 Network	オラクル	MySQL	オラクルのMySQLにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-21964	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

608	6.1	警告 Network	オラクル	Oracle Hospitality OPERA 5	オラクルのOracle Hospitality OPERA 5における不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-21966	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

609	8.6	重要 Network	オラクル	Oracle Hospitality OPERA 5	オラクルのOracle Hospitality OPERA 5における不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-21967	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

610	9.8	緊急 Network	オラクル	Oracle Agile Product Lifecycle Management for Process	オラクルのOracle Agile Product Lifecycle Management for Processにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-21969	2026-02-2 19:35	2026-01-20	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
307241	-	tiki	tikiwiki_cms\/groupware	Cross-site scripting (XSS) vulnerability in tiki-edit_structures.php in TikiWiki 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the pageAlias parameter. NOTE: The provenanc…	CWE-79 Cross-site Scripting	CVE-2006-6162	2012-10-24 13:00	2006-11-29	Show	GitHub Exploit DB Packet Storm

307242	-	tiki	tikiwiki_cms\/groupware	Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters.	CWE-79 Cross-site Scripting	CVE-2006-6163	2012-10-24 13:00	2006-11-29	Show	GitHub Exploit DB Packet Storm

307243	-	tiki	tikiwiki_cms\/groupware	tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to trigger "notification-spam" via certain vectors such as a comma-separated list of addresses in the email field, related to lack o…	CWE-20 Improper Input Validation	CVE-2006-6168	2012-10-24 13:00	2006-11-29	Show	GitHub Exploit DB Packet Storm

307244	-	tiki	tikiwiki_cms\/groupware	TikiWiki before 1.8.5 does not properly validate files that have been uploaded to the temp directory, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulne…	CWE-20 Improper Input Validation	CVE-2005-0200	2012-10-24 13:00	2005-05-2	Show	GitHub Exploit DB Packet Storm

307245	-	tiki	tikiwiki_cms\/groupware	Cross-site scripting (XSS) vulnerability in TikiWiki before 1.9.1.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.	CWE-79 Cross-site Scripting	CVE-2005-3283	2012-10-24 13:00	2005-10-23	Show	GitHub Exploit DB Packet Storm

307246	-	oracle	database_server	Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality via unknown vectors.	NVD-CWE-noinfo	CVE-2010-0851	2012-10-23 12:20	2010-04-14	Show	GitHub Exploit DB Packet Storm

307247	-	oracle	database_server	Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown v…	NVD-CWE-noinfo	CVE-2010-0852	2012-10-23 12:20	2010-04-14	Show	GitHub Exploit DB Packet Storm

307248	-	oracle	fusion_middleware database_server	Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8, 9.2.0.8, and DV; and Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1; allows remote attackers to affe…	NVD-CWE-noinfo	CVE-2010-0853	2012-10-23 12:20	2010-04-14	Show	GitHub Exploit DB Packet Storm

307249	-	oracle	database_server	Unspecified vulnerability in the Audit component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to "SELECT, INS…	NVD-CWE-noinfo	CVE-2010-0854	2012-10-23 12:20	2010-04-14	Show	GitHub Exploit DB Packet Storm

307250	-	oracle	fusion_middleware	Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.2 allows remote attackers to affect availability via unknown vectors.	NVD-CWE-noinfo	CVE-2010-0856	2012-10-23 12:20	2010-04-14	Show	GitHub Exploit DB Packet Storm