Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251641 4.9 警告 baserCMSユーザー会 - BaserCMS におけるアクセス制限不備の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-2674 2011-09-30 12:04 2011-09-30 Show GitHub Exploit DB Packet Storm
251642 4.3 警告 baserCMSユーザー会 - BaserCMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-2673 2011-09-30 12:03 2011-09-30 Show GitHub Exploit DB Packet Storm
251643 5 警告 Joomla! - Joomla! における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3747 2011-09-29 16:56 2011-09-23 Show GitHub Exploit DB Packet Storm
251644 9.3 危険 Argonne National Laboratory - Bcfg2 のサーバにおける任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3211 2011-09-29 14:30 2011-09-16 Show GitHub Exploit DB Packet Storm
251645 9.3 危険 シーメンス - Siemens WinCC Runtime Advanced Loader におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3321 2011-09-29 14:27 2011-08-29 Show GitHub Exploit DB Packet Storm
251646 10 危険 Progea Srl - Progea Movicon / PowerHMI におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3498 2011-09-29 14:17 2011-09-16 Show GitHub Exploit DB Packet Storm
251647 5 警告 Cogent Real-Time Systems Inc. - Cogent DataHub の Web サーバにおける実行ファイルのソースコードを取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3502 2011-09-29 14:11 2011-09-16 Show GitHub Exploit DB Packet Storm
251648 9.3 危険 Interactive Data Corporation. - eSignal における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2011-3503 2011-09-29 14:05 2011-09-16 Show GitHub Exploit DB Packet Storm
251649 7.7 危険 DELL EMC (旧 EMC Corporation) - EMC Avamar におけるクライアントデータを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1740 2011-09-29 14:04 2011-09-19 Show GitHub Exploit DB Packet Storm
251650 9 危険 シスコシステムズ - Cisco Telepresence System Integrator C の cuil コンポーネントにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2543 2011-09-28 15:08 2011-09-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3601 9.8 CRITICAL
Network 		- - In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() At the end of this function, d is the traversal c… - CVE-2026-31436 2026-04-27 23:16 2026-04-22 Show GitHub Exploit DB Packet Storm
3602 8.8 HIGH
Network 		- - In the Linux kernel, the following vulnerability has been resolved: netfs: Fix read abandonment during retry Under certain circumstances, all the remaining subrequests from a read request will get … - CVE-2026-31435 2026-04-27 23:16 2026-04-22 Show GitHub Exploit DB Packet Storm
3603 8.8 HIGH
Network 		- - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in get_file_all_info() for compound requests When a compound request consists of QUERY_DIRECTORY + QUERY… - CVE-2026-31433 2026-04-27 23:16 2026-04-22 Show GitHub Exploit DB Packet Storm
3604 8.8 HIGH
Network 		- - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERY_INFO for compound requests When a compound request such as READ + QUERY_INFO(Security) is received,… - CVE-2026-31432 2026-04-27 23:16 2026-04-22 Show GitHub Exploit DB Packet Storm
3605 7.8 HIGH
Local 		- - In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the assoc… - CVE-2026-31431 2026-04-27 23:16 2026-04-22 Show GitHub Exploit DB Packet Storm
3606 - - - In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2 va… - CVE-2026-31429 2026-04-27 23:16 2026-04-20 Show GitHub Exploit DB Packet Storm
3607 6.3 MEDIUM
Network 		apache dolphinscheduler Deserialization of Untrusted Data vulnerability in Apache DolphinScheduler RPC module. This issue affects Apache DolphinScheduler:  Version >= 3.2.0 and < 3.3.1. Attackers who can access the Maste… CWE-502
 Deserialization of Untrusted Data 		CVE-2025-62233 2026-04-27 22:45 2026-04-24 Show GitHub Exploit DB Packet Storm
3608 6.6 MEDIUM
Local 		saurabh-kumar python-dotenv python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, `set_key()` and `unset_key()` in python-dotenv follow symbolic links when rewri… CWE-59
CWE-61
Link Following
 UNIX Symbolic Link (Symlink) Following 		CVE-2026-28684 2026-04-27 22:44 2026-04-21 Show GitHub Exploit DB Packet Storm
3609 8.1 HIGH
Network 		apache dolphinscheduler Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with system login permissions to use tenants that are not defined on the platform during workflow execution… CWE-863
 Incorrect Authorization 		CVE-2026-23902 2026-04-27 22:42 2026-04-24 Show GitHub Exploit DB Packet Storm
3610 6.1 MEDIUM
Network 		astro astro Astro is a web framework. Prior to 6.1.6, the defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex /<\/script>/g to sanitize values injected into inline <sc… CWE-79
Cross-site Scripting 		CVE-2026-41067 2026-04-27 22:41 2026-04-25 Show GitHub Exploit DB Packet Storm