Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251461 3.5 注意 OTRS プロジェクト - OTRS におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-5055 2012-03-27 18:42 2011-03-18 Show GitHub Exploit DB Packet Storm
251462 7.5 危険 Smarty - Smarty におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-5054 2012-03-27 18:42 2011-02-3 Show GitHub Exploit DB Packet Storm
251463 7.5 危険 Smarty - Smarty における任意の PHP コードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2009-5053 2012-03-27 18:42 2011-02-3 Show GitHub Exploit DB Packet Storm
251464 10 危険 Smarty - Smarty における詳細不明の脆弱性 CWE-noinfo
情報不足 		CVE-2009-5052 2012-03-27 18:42 2011-02-3 Show GitHub Exploit DB Packet Storm
251465 5 警告 Hastymail - Hastymail2 におけるクッキーを取り込まれる脆弱性 CWE-16
環境設定 		CVE-2009-5051 2012-03-27 18:42 2011-01-18 Show GitHub Exploit DB Packet Storm
251466 5 警告 ViewVC - ViewVC における cvsdb row_limit 設定を迂回される脆弱性 CWE-399
リソース管理の問題 		CVE-2009-5024 2012-03-27 18:42 2011-05-23 Show GitHub Exploit DB Packet Storm
251467 6.8 警告 catb - gif2png における任意のコマンドを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-5018 2012-03-27 18:42 2011-01-14 Show GitHub Exploit DB Packet Storm
251468 4 警告 IBM - IBM Lotus Notes Traveler の traveler.exe におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2009-5036 2012-03-27 18:42 2010-12-16 Show GitHub Exploit DB Packet Storm
251469 4.3 警告 IBM - IBM Lotus Notes Traveler の Nokia クライアントにおける他人への電子メールを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2009-5035 2012-03-27 18:42 2010-12-16 Show GitHub Exploit DB Packet Storm
251470 4 警告 IBM - IBM Lotus Notes Traveler におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-5034 2012-03-27 18:42 2010-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
247391 7.5 HIGH
Network 		vmware
oracle
debian 		spring_framework
flexcube_private_banking
retail_xstore_point_of_service
application_testing_suite
hospitality_guest_access
weblogic_server
enterprise_manager_ops_center
endeca_i… 		Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through… CWE-829
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2018-11040 2024-11-21 12:42 2018-06-26 Show GitHub Exploit DB Packet Storm
247392 7.5 HIGH
Network 		ipconfigure orchid_core_vms IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal. CWE-22
Path Traversal 		CVE-2018-10956 2024-11-21 12:42 2018-06-26 Show GitHub Exploit DB Packet Storm
247393 5.9 MEDIUM
Network 		vmware
oracle
debian 		spring_framework
retail_xstore_point_of_service
weblogic_server
application_testing_suite
hospitality_guest_access
enterprise_manager_ops_center
primavera_p6_enterprise_project_port… 		Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including… NVD-CWE-noinfo
CVE-2018-11039 2024-11-21 12:42 2018-06-26 Show GitHub Exploit DB Packet Storm
247394 8.8 HIGH
Network 		gluster
debian 		glusterfs
debian_linux 		glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage poo… - CVE-2018-10841 2024-11-21 12:42 2018-06-21 Show GitHub Exploit DB Packet Storm
247395 8.8 HIGH
Network 		openwrt openwrt OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl.d files, which allows remote authenticated users to call arbitrary methods (i.e., achieve ubus access over HTTP) that… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2018-11116 2024-11-21 12:42 2018-06-20 Show GitHub Exploit DB Packet Storm
247396 7.5 HIGH
Network 		cesanta mongoose The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an … CWE-125
CWE-476
Out-of-bounds Read
 NULL Pointer Dereference 		CVE-2018-10945 2024-11-21 12:42 2018-06-20 Show GitHub Exploit DB Packet Storm
247397 7.5 HIGH
Network 		strongswan
debian
canonical
fedoraproject 		strongswan
debian_linux
ubuntu_linux
fedora 		strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. CWE-909
 Missing Initialization of Resource 		CVE-2018-10811 2024-11-21 12:42 2018-06-20 Show GitHub Exploit DB Packet Storm
247398 9.8 CRITICAL
Network 		redislabs
debian
oracle
redhat 		redis
debian_linux
communications_operations_monitor
openstack 		An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking. CWE-190
 Integer Overflow or Wraparound 		CVE-2018-11219 2024-11-21 12:42 2018-06-18 Show GitHub Exploit DB Packet Storm
247399 9.8 CRITICAL
Network 		redislabs
debian
oracle
redhat 		redis
debian_linux
communications_operations_monitor
openstack 		Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows. CWE-787
 Out-of-bounds Write 		CVE-2018-11218 2024-11-21 12:42 2018-06-18 Show GitHub Exploit DB Packet Storm
247400 9.8 CRITICAL
Network 		etere etereweb Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injection in the POST parameters txUserName and txPassword. CWE-89
SQL Injection 		CVE-2018-10997 2024-11-21 12:42 2018-06-18 Show GitHub Exploit DB Packet Storm