Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251311	6.5	警告	Best Practical Solutions	-	Best Practical Solutions RT におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-5093	2012-06-6 14:16	2012-06-4	Show	GitHub Exploit DB Packet Storm

251312	7.5	危険	Best Practical Solutions	-	Best Practical Solutions RT における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-5092	2012-06-6 14:16	2012-06-4	Show	GitHub Exploit DB Packet Storm

251313	6.5	警告	Best Practical Solutions	-	Best Practical Solutions RT における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4460	2012-06-6 14:14	2012-06-4	Show	GitHub Exploit DB Packet Storm

251314	3.5	注意	Best Practical Solutions	-	Best Practical Solutions RT におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4459	2012-06-6 14:14	2012-06-4	Show	GitHub Exploit DB Packet Storm

251315	6.8	警告	Best Practical Solutions	-	Best Practical Solutions RT における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-4458	2012-06-6 14:12	2012-06-4	Show	GitHub Exploit DB Packet Storm

251316	6.8	警告	Best Practical Solutions	-	Best Practical Solutions RT におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-2085	2012-06-6 14:10	2012-06-4	Show	GitHub Exploit DB Packet Storm

251317	4	警告	Best Practical Solutions	-	Best Practical Solutions RT における過去のパスワードハッシュを読まれる脆弱性	CWE-200 情報漏えい	CVE-2011-2084	2012-06-6 14:09	2012-06-4	Show	GitHub Exploit DB Packet Storm

251318	4.3	警告	Best Practical Solutions	-	Best Practical Solutions RT におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-2083	2012-06-6 14:07	2012-06-4	Show	GitHub Exploit DB Packet Storm

251319	5	警告	Best Practical Solutions	-	Best Practical Solutions RT における平文パスワードを検出される脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-2082	2012-06-6 14:05	2012-06-4	Show	GitHub Exploit DB Packet Storm

251320	5	警告	インターネットイニシアティブ	-	SEIL シリーズにおけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2632	2012-06-6 12:01	2012-06-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
254131	8.8	HIGH Network	openexr	openexr	In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code.	NVD-CWE-noinfo	CVE-2017-9113	2024-11-21 12:35	2017-05-22	Show	GitHub Exploit DB Packet Storm

254132	6.5	MEDIUM Network	openexr	openexr	In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash.	NVD-CWE-noinfo	CVE-2017-9112	2024-11-21 12:35	2017-05-22	Show	GitHub Exploit DB Packet Storm

254133	8.8	HIGH Network	openexr	openexr	In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code.	NVD-CWE-noinfo	CVE-2017-9111	2024-11-21 12:35	2017-05-22	Show	GitHub Exploit DB Packet Storm

254134	6.5	MEDIUM Network	openexr	openexr	In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash.	NVD-CWE-noinfo	CVE-2017-9110	2024-11-21 12:35	2017-05-22	Show	GitHub Exploit DB Packet Storm

254135	9.8	CRITICAL Network	playsms	playsms	import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2017-9101	2024-11-21 12:35	2017-05-22	Show	GitHub Exploit DB Packet Storm

254136	7.3	HIGH Local	pmail	pegasus	winpm-32.exe in Pegasus Mail (aka Pmail) v4.72 build 572 allows code execution via a crafted ssgp.dll file that must be installed locally. For example, if ssgp.dll is on the desktop and executes arbi…	CWE-20 Improper Input Validation	CVE-2017-9046	2024-11-21 12:35	2017-05-21	Show	GitHub Exploit DB Packet Storm

254137	7.5	HIGH Network	secure-bytes	secure_cisco_auditor	Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes Secure Cisco Auditor (SCA) 3.0, has a Directory Traversal issue in its TFTP Server, allowing attackers to read arbitrary files via…	CWE-22 Path Traversal	CVE-2017-9024	2024-11-21 12:35	2017-05-21	Show	GitHub Exploit DB Packet Storm

254138	8.8	HIGH Adjacent	dlink	dir-600m_firmware	login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt.	CWE-287 Improper Authentication	CVE-2017-9100	2024-11-21 12:35	2017-05-21	Show	GitHub Exploit DB Packet Storm

254139	7.5	HIGH Network	imagemagick graphicsmagick debian	imagemagick graphicsmagick debian_linux	ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated …	CWE-908 Use of Uninitialized Resource	CVE-2017-9098	2024-11-21 12:35	2017-05-20	Show	GitHub Exploit DB Packet Storm

254140	6.5	MEDIUM Network	entropymine	imageworsener	The lzw_add_to_dict function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted image.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2017-9094	2024-11-21 12:35	2017-05-20	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed