Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251691 7.5 危険 The Cacti Group - Cacti の auth_login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4824 2011-12-19 15:06 2011-09-26 Show GitHub Exploit DB Packet Storm
251692 4.3 警告 Atlassian - Atlassian FishEye のユーザプロファイル機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4822 2011-12-19 15:05 2011-10-24 Show GitHub Exploit DB Packet Storm
251693 3.6 注意 Artsoft Entertainment - Artsoft Entertainment の Rocks'n'Diamonds における任意のファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4606 2011-12-19 15:05 2011-12-15 Show GitHub Exploit DB Packet Storm
251694 4.3 警告 Digium - Asterisk の channels/chan_sip.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-200
情報漏えい 		CVE-2011-4598 2011-12-19 15:03 2011-11-2 Show GitHub Exploit DB Packet Storm
251695 5 警告 Digium - Asterisk の UDP 実装での SIP におけるユーザ名を列挙される脆弱性 CWE-200
情報漏えい 		CVE-2011-4597 2011-12-19 15:01 2011-07-18 Show GitHub Exploit DB Packet Storm
251696 7.5 危険 Caupo.Net - CaupoShop Pro および CaupoShop Classic におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4832 2011-12-19 13:44 2011-12-15 Show GitHub Exploit DB Packet Storm
251697 4 警告 David Azoulay - Web File Browser の webFileBrowser.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4831 2011-12-19 13:43 2011-12-15 Show GitHub Exploit DB Packet Storm
251698 7.5 危険 e4j Extensions for Joomla - Joomla! 用 Vik Real Estate コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4823 2011-12-19 11:52 2011-12-15 Show GitHub Exploit DB Packet Storm
251699 3.5 注意 Barter Sites - Joomla! 用 Barter Sites の com_listing コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4830 2011-12-19 11:51 2011-12-15 Show GitHub Exploit DB Packet Storm
251700 7.5 危険 Barter Sites - Joomla! 用 Barter Sites の com_listing コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4829 2011-12-19 11:50 2011-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266201 7.8 HIGH
Local 		nvidia geforce_experience For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successf… NVD-CWE-Other
CVE-2016-3161 2024-11-21 11:49 2016-11-9 Show GitHub Exploit DB Packet Storm
266202 5.7 MEDIUM
Network 		ibm financial_transaction_manager Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote aut… CWE-284
Improper Access Control 		CVE-2016-3060 2024-11-21 11:49 2016-10-29 Show GitHub Exploit DB Packet Storm
266203 7.8 HIGH
Local 		microsoft word_viewer
live_meeting
windows_server_2012
lync
office
windows_10
windows_8.1
windows_server_2008
skype_for_business
windows_7
windows_rt_8.1
windows_vista 		Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-3396 2024-11-21 11:49 2016-10-14 Show GitHub Exploit DB Packet Storm
266204 5.3 MEDIUM
Network 		microsoft edge The Edge Content Security Policy feature in Microsoft Edge does not properly validate documents, which allows remote attackers to bypass intended access restrictions via a crafted web site, aka "Micr… CWE-284
Improper Access Control 		CVE-2016-3392 2024-11-21 11:49 2016-10-14 Show GitHub Exploit DB Packet Storm
266205 5.3 MEDIUM
Network 		microsoft internet_explorer
edge 		Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure… CWE-200
Information Exposure 		CVE-2016-3391 2024-11-21 11:49 2016-10-14 Show GitHub Exploit DB Packet Storm
266206 7.5 HIGH
Network 		microsoft edge
internet_explorer 		The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-3390 2024-11-21 11:49 2016-10-14 Show GitHub Exploit DB Packet Storm
266207 7.5 HIGH
Network 		microsoft edge The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-3389 2024-11-21 11:49 2016-10-14 Show GitHub Exploit DB Packet Storm
266208 5.3 MEDIUM
Network 		microsoft internet_explorer
edge 		Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsof… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-3388 2024-11-21 11:49 2016-10-14 Show GitHub Exploit DB Packet Storm
266209 7.5 HIGH
Network 		microsoft internet_explorer
edge 		Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsof… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2016-3387 2024-11-21 11:49 2016-10-14 Show GitHub Exploit DB Packet Storm
266210 7.5 HIGH
Network 		microsoft edge The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-3386 2024-11-21 11:49 2016-10-14 Show GitHub Exploit DB Packet Storm