Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
241451 4.3 警告 Moodle - Moodle の lib/db/upgrade.php におけるアクセス制限を回避される脆弱性 CWE-310
暗号の問題 		CVE-2011-4303 2012-07-12 15:14 2011-10-18 Show GitHub Exploit DB Packet Storm
241452 6.8 警告 Moodle - Moodle の MNET 内の mnet/xmlrpc/client.php における検証を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4302 2012-07-12 15:13 2011-10-18 Show GitHub Exploit DB Packet Storm
241453 5 警告 Moodle - Moodle の lib/formslib.php における予期せぬフォームコンテンツを送信される脆弱性 CWE-noinfo
情報不足 		CVE-2011-4301 2012-07-12 15:08 2011-10-18 Show GitHub Exploit DB Packet Storm
241454 5 警告 Moodle - Moodle の file_browser コンポーネントにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4300 2012-07-12 15:06 2011-10-18 Show GitHub Exploit DB Packet Storm
241455 4.3 警告 Moodle - Moodle の mod/wiki/pagelib.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4299 2012-07-12 14:56 2011-10-18 Show GitHub Exploit DB Packet Storm
241456 6.8 警告 Moodle - Moodle の mod/wiki/ コンポーネントにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-4298 2012-07-12 14:55 2011-10-18 Show GitHub Exploit DB Packet Storm
241457 10 危険 ヒューレット・パッカード - HP Operations Agent における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-2020 2012-07-12 14:49 2012-07-9 Show GitHub Exploit DB Packet Storm
241458 10 危険 ヒューレット・パッカード - HP Operations Agent における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-2019 2012-07-12 14:48 2012-07-9 Show GitHub Exploit DB Packet Storm
241459 4.3 警告 マイクロソフト - 複数の Microsoft 製品の toStaticHTML API におけるクロスサイトスクリプティングの脆弱性 CWE-200
情報漏えい 		CVE-2012-1858 2012-07-12 14:23 2012-06-12 Show GitHub Exploit DB Packet Storm
241460 7.8 危険 Synel - Synel SY-780/A にサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-2970 2012-07-11 16:22 2012-07-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266561 7.5 HIGH
Network 		bmc remedy_action_request_system Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 allows attackers to reset arbitrary passwords via a blank previous password. CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2016-2349 2024-11-21 11:48 2016-12-22 Show GitHub Exploit DB Packet Storm
266562 9.8 CRITICAL
Network 		dotcms dotcms SQL injection vulnerability in the REST API in dotCMS before 3.3.2 allows remote attackers to execute arbitrary SQL commands via the stName parameter to api/content/save/1. CWE-89
SQL Injection 		CVE-2016-2355 2024-11-21 11:48 2016-12-20 Show GitHub Exploit DB Packet Storm
266563 6.1 MEDIUM
Network 		open-xchange open-xchange_appsuite An issue was discovered in Open-Xchange Server 6 / OX AppSuite before 7.8.0-rev26. The "session" parameter for file-download requests can be used to inject script code that gets reflected through the… CWE-79
Cross-site Scripting 		CVE-2016-2840 2024-11-21 11:48 2016-12-15 Show GitHub Exploit DB Packet Storm
266564 7.8 HIGH
Local 		7-zip
fedoraproject
oracle 		7-zip
fedora
solaris 		Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-2334 2024-11-21 11:48 2016-12-14 Show GitHub Exploit DB Packet Storm
266565 8.0 HIGH
Network 		ibm qradar_security_information_and_event_manager Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote attackers to hijack the authentication of arbitrary users for r… CWE-352
 Origin Validation Error 		CVE-2016-2878 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm
266566 3.3 LOW
Local 		ibm qradar_security_information_and_event_manager IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which allows local users to modify data by writing to a file. CWE-275
 Permission Issues 		CVE-2016-2877 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm
266567 7.5 HIGH
Network 		ibm qradar_security_information_and_event_manager IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 executes unspecified processes at an incorrect privilege level, which makes it easier for remote authenticated users to obtain root access… CWE-264
CWE-78
Permissions, Privileges, and Access Controls
OS Command  		CVE-2016-2876 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm
266568 3.1 LOW
Network 		ibm qradar_security_information_and_event_manager IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which allows remote authenticated users to obtain sensitive information via unspecified vectors. CWE-284
Improper Access Control 		CVE-2016-2874 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm
266569 8.8 HIGH
Network 		ibm qradar_security_information_and_event_manager SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2016-2873 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm
266570 7.8 HIGH
Local 		ibm qradar_security_information_and_event_manager IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information by reading a configuration file. CWE-255
Credentials Management 		CVE-2016-2871 2024-11-21 11:48 2016-12-1 Show GitHub Exploit DB Packet Storm