Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251701 4.3 警告 Apache Software Foundation - Apache Struts におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1006 2012-02-8 16:34 2012-02-7 Show GitHub Exploit DB Packet Storm
251702 10 危険 シマンテック - Symantec pcAnywhere 製品におけるクライアントへアクセスされる脆弱性 CWE-noinfo
情報不足 		CVE-2012-0290 2012-02-8 16:33 2012-01-24 Show GitHub Exploit DB Packet Storm
251703 7.1 危険 IBM - IBM AIX の TCP 実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2012-0194 2012-02-8 16:28 2012-02-3 Show GitHub Exploit DB Packet Storm
251704 10 危険 Broadwin - Advantech/BroadWin WebAccess の webvrpcs.exe における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4041 2012-02-8 16:27 2012-02-6 Show GitHub Exploit DB Packet Storm
251705 5 警告 Opera Software ASA - Opera における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-1003 2012-02-8 16:18 2012-02-7 Show GitHub Exploit DB Packet Storm
251706 4 警告 DELL EMC (旧 EMC Corporation) - EMC Documentum xPlore におけるオブジェクトの存在を特定される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0396 2012-02-8 16:15 2012-02-6 Show GitHub Exploit DB Packet Storm
251707 8.5 危険 シーメンス - 複数の Siemens 製品の HMI Web サーバにおける任意のメモリロケーションからデータを読まれる脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4879 2012-02-8 11:12 2012-01-24 Show GitHub Exploit DB Packet Storm
251708 7.8 危険 シーメンス - 複数の Siemens 製品の HMI Web サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4878 2012-02-8 11:11 2012-01-24 Show GitHub Exploit DB Packet Storm
251709 7.1 危険 シーメンス - 複数の Siemens 製品の HmiLoad におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4877 2012-02-8 11:09 2012-01-24 Show GitHub Exploit DB Packet Storm
251710 9.3 危険 シーメンス - 複数の Siemens 製品の HmiLoad におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4876 2012-02-8 11:07 2012-01-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
247611 7.2 HIGH
Network 		netiq identity_manager NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user admini… CWE-20
 Improper Input Validation  		CVE-2017-9279 2024-11-21 12:35 2018-03-3 Show GitHub Exploit DB Packet Storm
247612 9.8 CRITICAL
Network 		netiq identity_manager The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS logs containing the driver authentication password, potentially disclosing this to attackers able to read the EBS tables. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2017-9278 2024-11-21 12:35 2018-03-3 Show GitHub Exploit DB Packet Storm
247613 7.5 HIGH
Network 		novell edirectory The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA. NVD-CWE-noinfo
CVE-2017-9277 2024-11-21 12:35 2018-03-3 Show GitHub Exploit DB Packet Storm
247614 6.1 MEDIUM
Network 		netiq access_manager Novell Access Manager iManager before 4.3.3 did not validate parameters so that cross site scripting content could be reflected back into the result page using the "a" parameter. CWE-79
Cross-site Scripting 		CVE-2017-9276 2024-11-21 12:35 2018-03-3 Show GitHub Exploit DB Packet Storm
247615 7.5 HIGH
Network 		novell edirectory In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations. NVD-CWE-noinfo
CVE-2017-9267 2024-11-21 12:35 2018-03-3 Show GitHub Exploit DB Packet Storm
247616 8.8 HIGH
Network 		opensuse leap The packaging of NextCloud in openSUSE used /srv/www/htdocs in an unsafe manner, which could have allowed scripts running as wwwrun user to escalate privileges to root during nextcloud package upgrad… NVD-CWE-noinfo
CVE-2017-9286 2024-11-21 12:35 2018-03-2 Show GitHub Exploit DB Packet Storm
247617 7.8 HIGH
Local 		opensuse obs-service-source_validator A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs. CWE-78
OS Command  		CVE-2017-9274 2024-11-21 12:35 2018-03-2 Show GitHub Exploit DB Packet Storm
247618 3.3 LOW
Local 		opensuse
fedoraproject 		zypper
fedora 		The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used. CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2017-9271 2024-11-21 12:35 2018-03-2 Show GitHub Exploit DB Packet Storm
247619 9.1 CRITICAL
Network 		opensuse cryptctl In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database. CWE-20
 Improper Input Validation  		CVE-2017-9270 2024-11-21 12:35 2018-03-2 Show GitHub Exploit DB Packet Storm
247620 9.8 CRITICAL
Network 		opensuse libzypp In libzypp before August 2018 GPG keys attached to YUM repositories were not correctly pinned, allowing malicious repository mirrors to silently downgrade to unsigned repositories with potential mali… CWE-20
 Improper Input Validation  		CVE-2017-9269 2024-11-21 12:35 2018-03-2 Show GitHub Exploit DB Packet Storm