Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251771	7.5	危険	Google	-	Google Chrome の Theora デコーダにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3892	2011-11-14 16:00	2011-11-10	Show	GitHub Exploit DB Packet Storm

251772	5	警告	Centreon	-	Merethis Centreon におけるクリアテキストのパスワードを容易に推測される脆弱性	CWE-310 暗号の問題	CVE-2011-4432	2011-11-14 15:49	2011-11-10	Show	GitHub Exploit DB Packet Storm

251773	6.5	警告	Centreon	-	Merethis Centreon の main.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-4431	2011-11-14 15:48	2011-11-10	Show	GitHub Exploit DB Packet Storm

251774	9.3	危険	DELL EMC (旧 EMC Corporation) Mozilla Foundation	-	EMC RSA Key Manager (RKM) Appliance における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2740	2011-11-14 15:47	2011-11-9	Show	GitHub Exploit DB Packet Storm

251775	8.5	危険	DELL EMC (旧 EMC Corporation)	-	EMC Documentum eRoom のファイルブロック機能における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2739	2011-11-14 15:43	2011-11-9	Show	GitHub Exploit DB Packet Storm

251776	1.5	注意	IBM	-	UNIX 上で動作する IBM DB2 におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性	CWE-noinfo 情報不足	CVE-2011-1373	2011-11-14 15:42	2011-11-9	Show	GitHub Exploit DB Packet Storm

251777	9.3	危険	Investintech.com Inc.	-	Investintech.com Able2Doc および Able2Doc Professional におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2011-4221	2011-11-14 12:23	2011-11-1	Show	GitHub Exploit DB Packet Storm

251778	7.2	危険	Schneider Electric	-	複数の Schneider Electric 製品におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-3330	2011-11-14 12:23	2011-09-21	Show	GitHub Exploit DB Packet Storm

251779	5	警告	Mozilla Foundation	-	Mozilla Firefox および Thunderbird における同一生成元ポリシーを回避される脆弱性	CWE-200 情報漏えい	CVE-2011-3653	2011-11-14 11:45	2011-11-8	Show	GitHub Exploit DB Packet Storm

251780	2.6	注意	Mozilla Foundation	-	Mozilla Firefox および Thunderbird における同一生成元ポリシーを回避される脆弱性	CWE-200 情報漏えい	CVE-2011-3649	2011-11-14 11:39	2011-11-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 15, 2026, 4:28 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
248031	9.8	CRITICAL Network	xiongmaitech	uc-httpd	XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request.	CWE-22 Path Traversal	CVE-2017-7577	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

248032	8.8	HIGH Network	pivotx	pivotx	PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension (such as .jpg) and then invoking the duplicate function to ch…	CWE-94 Code Injection	CVE-2017-7570	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

248033	9.8	CRITICAL Network	dragonwavex	horizon_wireless_radio_firmware	DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username of energetic and password of wireless) meant to allow the vendor to access the devices. These credent…	CWE-798 Use of Hard-coded Credentials	CVE-2017-7576	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

248034	9.8	CRITICAL Network	schneider-electric	modicon_tm221ce16r_firmware	Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus p…	CWE-200 Information Exposure	CVE-2017-7575	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

248035	9.8	CRITICAL Network	schneider-electric	modicon_tm221ce16r_firmware somachine	Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized…	CWE-798 Use of Hard-coded Credentials	CVE-2017-7574	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

248036	8.0	HIGH Network	ladybirdweb	faveo_helpdesk	public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges.	CWE-352 Origin Validation Error	CVE-2017-7571	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

248037	8.6	HIGH Network	vbulletin	vbulletin	In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2017-7569	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

248038	7.7	HIGH Network	mybb	mybb	MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2017-7566	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

248039	8.8	HIGH Network	splunk	hadoop_connect	Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041.	CWE-22 Path Traversal	CVE-2017-7565	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm

248040	8.1	HIGH Network	backintime_project	backintime	The _checkPolkitPrivilege function in serviceHelper.py in Back In Time (aka backintime) 1.1.18 and earlier uses a deprecated polkit authorization method (unix-process) that is subject to a race condi…	CWE-362 Race Condition	CVE-2017-7572	2024-11-21 12:32	2017-04-7	Show	GitHub Exploit DB Packet Storm