Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 27, 2026, 8:58 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201271	6.1	警告 Network	Atlassian	-	Atlassian Confluence におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-8398	2016-04-14 16:04	2015-11-16	Show	GitHub Exploit DB Packet Storm

201272	6.1	警告 Network	Apache Software Foundation	-	Apache Wicket の RadioGroup および CheckBoxMultipleChoice クラスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-7520	2016-04-14 16:03	2015-09-29	Show	GitHub Exploit DB Packet Storm

201273	6.1	警告 Network	Apache Software Foundation	-	Apache Wicket の org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-5347	2016-04-14 16:03	2015-11-19	Show	GitHub Exploit DB Packet Storm

201274	6.5	警告 Network	Apache Software Foundation	-	Apache Ranger の Policy Admin Tool におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-5167	2016-04-14 16:03	2015-07-1	Show	GitHub Exploit DB Packet Storm

201275	6.1	警告 Network	Apache Software Foundation	-	Apache OFBiz の ModelFormField.java の DisplayEntityField.getDescription メソッドにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2015-3268	2016-04-14 16:03	2015-02-21	Show	GitHub Exploit DB Packet Storm

201276	7.1	重要 Network	Apache Software Foundation	-	Apache Ranger の Policy Admin Tool におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-0266	2016-04-14 16:03	2015-08-5	Show	GitHub Exploit DB Packet Storm

201277	8.8	重要 Network	Puppet	-	Puppet Enterprise におけるホストのホワイトリスト保護メカニズムを回避される脆弱性	CWE-Other その他	CVE-2015-7330	2016-04-14 15:11	2015-12-29	Show	GitHub Exploit DB Packet Storm

201278	7.3	重要 Network	レッドハット	-	Red Hat Enterprise Linux OpenStack Platform で使用される TripleO Heat テンプレートにおけるアクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-5329	2016-04-14 15:04	2015-12-21	Show	GitHub Exploit DB Packet Storm

201279	8.8	重要 Network	The Cacti Group	-	Cacti の graph_view.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2016-3659	2016-04-14 15:03	2016-03-24	Show	GitHub Exploit DB Packet Storm

201280	8.8	重要 Network	The Cacti Group	-	Cacti の tree.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2016-3172	2016-04-14 15:03	2016-03-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 27, 2026, 1:20 p.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
297791	-	microsoft	windows_server_2008 windows_7 windows_vista windows_media_center_tv_pack	Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista…	NVD-CWE-Other	CVE-2011-0032	2024-11-21 10:23	2011-03-10	Show	GitHub Exploit DB Packet Storm

297792	-	microsoft	remote_desktop_connection_client windows_2003_server windows_server_2003 windows_xp windows_7 windows_server_2008 windows_vista	Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working dir…	NVD-CWE-Other	CVE-2011-0029	2024-11-21 10:23	2011-03-10	Show	GitHub Exploit DB Packet Storm

297793	-	alcatel-lucent	omnivista	Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP G…	CWE-22 Path Traversal	CVE-2011-0345	2024-11-21 10:23	2011-03-9	Show	GitHub Exploit DB Packet Storm

297794	-	alcatel-lucent	omnipcx	Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server (CS) in Alcatel-Lucent OmniPCX E…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-0344	2024-11-21 10:23	2011-03-9	Show	GitHub Exploit DB Packet Storm

297795	-	gplhost	domain_technologie_control	shared/inc/sql/ssh.php in the SSH accounts management implementation in Domain Technologie Control (DTC) before 0.32.9 allows remote authenticated users to delete arbitrary accounts via the edssh_acc…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-0437	2024-11-21 10:23	2011-03-8	Show	GitHub Exploit DB Packet Storm

297796	-	gplhost	domain_technologie_control	The register_user function in client/new_account_form.php in Domain Technologie Control (DTC) before 0.32.9 includes a cleartext password in an e-mail message, which makes it easier for remote attack…	CWE-310 Cryptographic Issues	CVE-2011-0436	2024-11-21 10:23	2011-03-8	Show	GitHub Exploit DB Packet Storm

297797	-	gplhost	domain_technologie_control	Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_month.php and (2) client/bw_per_month.php, which allows remote attackers to obtain potentially sens…	CWE-287 Improper Authentication	CVE-2011-0435	2024-11-21 10:23	2011-03-8	Show	GitHub Exploit DB Packet Storm

297798	-	gplhost	domain_technologie_control	Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) admin/bw_per_month.php o…	CWE-89 SQL Injection	CVE-2011-0434	2024-11-21 10:23	2011-03-8	Show	GitHub Exploit DB Packet Storm

297799	-	hp	multifunction_peripheral_digital_sending_software	HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to acce…	CWE-287 Improper Authentication	CVE-2011-0279	2024-11-21 10:23	2011-03-8	Show	GitHub Exploit DB Packet Storm

297800	-	mozilla gnome	firefox pango	The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cau…	NVD-CWE-Other	CVE-2011-0064	2024-11-21 10:23	2011-03-8	Show	GitHub Exploit DB Packet Storm