Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190841 7.5 重要
Network 		Sendio, Inc. - Sendio におけるファイルおよびディレクトリ情報の漏えいに関する脆弱性 CWE-538
ファイルおよびディレクトリ情報の漏えい 		CVE-2016-10399 2017-09-1 13:50 2017-05-30 Show GitHub Exploit DB Packet Storm
190842 4.9 警告
Network 		GLPI-PROJECT.ORG - GLPI における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-11183 2017-09-1 13:44 2017-07-13 Show GitHub Exploit DB Packet Storm
190843 5.5 警告
Local 		Twibright Labs - Twibright Links における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2017-11114 2017-09-1 13:44 2017-07-30 Show GitHub Exploit DB Packet Storm
190844 7.5 重要
Network 		Christian Schramm - shoco における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2017-11367 2017-09-1 12:30 2017-02-22 Show GitHub Exploit DB Packet Storm
190845 6.5 警告
Network 		heinekingmedia GmbH - heinekingmedia StashCat における鍵管理のエラーに関する脆弱性 CWE-320
鍵管理のエラー 		CVE-2017-11136 2017-09-1 11:46 2017-07-31 Show GitHub Exploit DB Packet Storm
190846 7.5 重要
Network 		heinekingmedia GmbH - heinekingmedia StashCat における認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2017-11135 2017-09-1 11:46 2017-07-31 Show GitHub Exploit DB Packet Storm
190847 6.5 警告
Network 		heinekingmedia GmbH - heinekingmedia StashCat における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-11134 2017-09-1 11:46 2017-07-31 Show GitHub Exploit DB Packet Storm
190848 7.5 重要
Network 		heinekingmedia GmbH - heinekingmedia StashCat における暗号アルゴリズムの使用に関する脆弱性 CWE-327
不完全、または危険な暗号アルゴリズムの使用 		CVE-2017-11133 2017-09-1 11:46 2017-07-31 Show GitHub Exploit DB Packet Storm
190849 7.5 重要
Network 		heinekingmedia GmbH - heinekingmedia StashCat における暗号に関する脆弱性 CWE-310
暗号の問題 		CVE-2017-11132 2017-09-1 11:46 2017-07-31 Show GitHub Exploit DB Packet Storm
190850 5.9 警告
Network 		heinekingmedia GmbH - heinekingmedia StashCat における暗号に関する脆弱性 CWE-310
暗号の問題 		CVE-2017-11131 2017-09-1 11:46 2017-07-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
181 6.4 MEDIUM
Network 		- - Queue Management System 4.0.0 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through user creation fields. Attackers can ins… New CWE-79
Cross-site Scripting 		CVE-2020-37240 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
182 8.2 HIGH
Network 		- - Supsystic Ultimate Maps 1.1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'sidx' GET parame… New CWE-89
SQL Injection 		CVE-2020-37242 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
183 8.2 HIGH
Network 		- - Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl acti… New CWE-89
SQL Injection 		CVE-2020-37243 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
184 8.2 HIGH
Network 		- - Supsystic Membership 1.4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'search' and 'sidx' p… New CWE-89
SQL Injection 		CVE-2020-37244 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
185 7.5 HIGH
Network 		- - Supsystic Digital Publications 1.6.9 contains a path traversal vulnerability in the Folder input field that allows attackers to access files outside the web root by injecting directory traversal sequ… New CWE-79
Cross-site Scripting 		CVE-2020-37245 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
186 6.2 MEDIUM
Local 		- - Supsystic Backup 2.3.9 contains a local file inclusion vulnerability that allows unauthenticated attackers to read and delete arbitrary files by manipulating the download path parameter. Attackers ca… New CWE-98
 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 		CVE-2020-37246 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
187 7.8 HIGH
Local 		- - Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers … New CWE-428
 Unquoted Search Path or Element 		CVE-2020-37247 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
188 5.3 MEDIUM
Network 		- - MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and … New CWE-79
Cross-site Scripting 		CVE-2021-47934 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
189 8.2 HIGH
Network 		- - LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter. Attackers can send… New CWE-89
SQL Injection 		CVE-2021-47954 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm
190 7.5 HIGH
Network 		- - Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payl… New CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2021-47969 2026-05-19 02:32 2026-05-17 Show GitHub Exploit DB Packet Storm