Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 3, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217501 4.3 警告 Plone Foundation - Plone の traverser.py におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-4188 2014-03-13 14:41 2013-06-18 Show GitHub Exploit DB Packet Storm
217502 5.4 警告 マイクロソフト - 複数の Microsoft Windows 製品の Security Account Manager Remote プロトコルの実装におけるアカウントロックアウトポリシーを回避される脆弱性 CWE-20
CWE-264
CVE-2014-0317 2014-03-13 14:40 2014-03-11 Show GitHub Exploit DB Packet Storm
217503 6.6 警告 マイクロソフト - 複数の Microsoft Windows 製品のカーネルモードドライバの win32k.sys におけるカーネルメモリから重要な情報を取得される脆弱性 CWE-119
バッファエラー 		CVE-2014-0323 2014-03-13 14:39 2014-03-11 Show GitHub Exploit DB Packet Storm
217504 7.2 危険 マイクロソフト - 複数の Microsoft Windows 製品のカーネルモードドライバの win32k.sys における権限昇格の脆弱性 CWE-119
バッファエラー 		CVE-2014-0300 2014-03-13 14:38 2014-03-11 Show GitHub Exploit DB Packet Storm
217505 7.1 危険 マイクロソフト - Microsoft Silverlight における DEP および ASLR 保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0319 2014-03-13 14:33 2014-03-11 Show GitHub Exploit DB Packet Storm
217506 9.3 危険 マイクロソフト - 複数の Microsoft Windows 製品の DirectShow の qedit.dll におけるメモリ二重解放の脆弱性 CWE-399
リソース管理の問題 		CVE-2014-0301 2014-03-13 14:32 2014-03-11 Show GitHub Exploit DB Packet Storm
217507 9.3 危険 マイクロソフト - Microsoft Internet Explorer 8 から 11 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-0324 2014-03-13 14:30 2014-03-11 Show GitHub Exploit DB Packet Storm
217508 9.3 危険 マイクロソフト - Microsoft Internet Explorer 10 および 11 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-0321 2014-03-13 14:30 2014-03-11 Show GitHub Exploit DB Packet Storm
217509 9.3 危険 マイクロソフト - Microsoft Internet Explorer 9 および 10 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-0314 2014-03-13 14:30 2014-03-11 Show GitHub Exploit DB Packet Storm
217510 9.3 危険 マイクロソフト - Microsoft Internet Explorer 10 および 11 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-0313 2014-03-13 14:30 2014-03-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 3, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
295561 - cisco small_business_srp521w
small_business_srp526w
small_business_srp527w
small_business_srp520_series_firmware
small_business_srp541w
small_business_srp546w
small_business_srp547w
sm… 		Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility web interface on the Cisco Small Business SRP521W, SRP526W, and SRP527W with firmware before 1.1.2… CWE-352
 Origin Validation Error 		CVE-2011-4005 2024-11-21 10:31 2011-11-3 Show GitHub Exploit DB Packet Storm
295562 - phpldapadmin_project phpldapadmin The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine act… CWE-94
Code Injection 		CVE-2011-4075 2024-11-21 10:31 2011-11-3 Show GitHub Exploit DB Packet Storm
295563 - phpldapadmin_project phpldapadmin Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an _debug command. CWE-79
Cross-site Scripting 		CVE-2011-4074 2024-11-21 10:31 2011-11-3 Show GitHub Exploit DB Packet Storm
295564 - phpmyadmin phpmyadmin Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value. CWE-79
Cross-site Scripting 		CVE-2011-4064 2024-11-21 10:31 2011-11-2 Show GitHub Exploit DB Packet Storm
295565 - cisco webex_recording_format_player Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-4004 2024-11-21 10:31 2011-10-28 Show GitHub Exploit DB Packet Storm
295566 - openldap openldap Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-ba… CWE-189
Numeric Errors 		CVE-2011-4079 2024-11-21 10:31 2011-10-28 Show GitHub Exploit DB Packet Storm
295567 - puppetlabs
puppet 		puppet
puppet_enterprise_users
puppet_enterprise 		Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to … CWE-20
 Improper Input Validation  		CVE-2011-3872 2024-11-21 10:31 2011-10-28 Show GitHub Exploit DB Packet Storm
295568 - puppetlabs
puppet 		puppet Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-3871 2024-11-21 10:31 2011-10-28 Show GitHub Exploit DB Packet Storm
295569 - puppetlabs
puppet 		puppet Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file. CWE-59
Link Following 		CVE-2011-3870 2024-11-21 10:31 2011-10-28 Show GitHub Exploit DB Packet Storm
295570 - puppetlabs
puppet 		puppet Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file. CWE-59
Link Following 		CVE-2011-3869 2024-11-21 10:31 2011-10-28 Show GitHub Exploit DB Packet Storm