Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251821	3.3	注意	ihji NetBSD	-	pmake などの製品で使用される NetBSD の make インクルードファイルにおける任意のファイルを上書される脆弱性	CWE-59 リンク解釈の問題	CVE-2011-1920	2012-03-27 18:43	2011-05-23	Show	GitHub Exploit DB Packet Storm

251822	9.3	危険	Foxit Software Inc	-	Foxit Reader の FreeType エンジンのType 1 フォントデコーダにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-1908	2012-03-27 18:43	2011-06-24	Show	GitHub Exploit DB Packet Storm

251823	5	警告	Trustwave	-	Trustwave WebDefend Enterprise におけるイベント収集テーブルを読まれる脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-1906	2012-03-27 18:43	2011-05-5	Show	GitHub Exploit DB Packet Storm

251824	6.8	警告	Proofpoint, Inc.	-	Proofpoint Protection Server の管理モジュールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-1905	2012-03-27 18:43	2011-05-5	Show	GitHub Exploit DB Packet Storm

251825	7.5	危険	Proofpoint, Inc.	-	Proofpoint Protection Server の Web インターフェース中の関数における任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2011-1904	2012-03-27 18:43	2011-05-5	Show	GitHub Exploit DB Packet Storm

251826	7.5	危険	Proofpoint, Inc.	-	Proofpoint Protection Server の関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-1903	2012-03-27 18:43	2011-05-5	Show	GitHub Exploit DB Packet Storm

251827	5	警告	Proofpoint, Inc.	-	Proofpoint Protection Server の Web インターフェースにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-1902	2012-03-27 18:43	2011-05-5	Show	GitHub Exploit DB Packet Storm

251828	7.5	危険	Proofpoint, Inc.	-	Proofpoint Protection Server のメールフィルタ Web インターフェースにおける認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2011-1901	2012-03-27 18:43	2011-05-5	Show	GitHub Exploit DB Packet Storm

251829	10	危険	Schneider Electric	-	InduSoft Web Studio の NTWebServer におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-1900	2012-03-27 18:43	2011-05-4	Show	GitHub Exploit DB Packet Storm

251830	10	危険	ヒューレット・パッカード	-	HP Intelligent Management Center の iNodeMngChecker.exe におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-1867	2012-03-27 18:43	2011-07-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246631	7.8	HIGH Local	jhead_project	jhead	The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of incon…	CWE-134 Use of Externally-Controlled Format String	CVE-2018-16554	2024-11-21 12:52	2018-09-16	Show	GitHub Exploit DB Packet Storm

246632	8.6	HIGH Network	lg	supersign_cms	LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.	CWE-200 Information Exposure	CVE-2018-16288	2024-11-21 12:52	2018-09-15	Show	GitHub Exploit DB Packet Storm

246633	9.8	CRITICAL Network	lg	supersign_cms	LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2018-16287	2024-11-21 12:52	2018-09-15	Show	GitHub Exploit DB Packet Storm

246634	9.8	CRITICAL Network	lg	supersign_cms	LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits.	CWE-287 Improper Authentication	CVE-2018-16286	2024-11-21 12:52	2018-09-15	Show	GitHub Exploit DB Packet Storm

246635	5.3	MEDIUM Adjacent	o.bike	smart_locker_firmware obike-stationless_bike_sharing	oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy (BLE) to replay ciphertext based on a predictable …	CWE-294 Authentication Bypass by Capture-replay	CVE-2018-16242	2024-11-21 12:52	2018-09-15	Show	GitHub Exploit DB Packet Storm

246636	6.5	MEDIUM Network	e107	e107	e107_admin/banlist.php in e107 2.1.8 allows SQL injection via the old_ip parameter.	CWE-89 SQL Injection	CVE-2018-16389	2024-11-21 12:52	2018-09-13	Show	GitHub Exploit DB Packet Storm

246637	7.2	HIGH Network	e107	e107	e107_web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2018-16388	2024-11-21 12:52	2018-09-13	Show	GitHub Exploit DB Packet Storm

246638	7.5	HIGH Network	currency_converter_script_project	currency_converter_script	PHP Scripts Mall Currency Converter Script 2.0.5 allows remote attackers to cause a denial of service (web-interface change) via an inverted comma.	CWE-20 Improper Input Validation	CVE-2018-16454	2024-11-21 12:52	2018-09-8	Show	GitHub Exploit DB Packet Storm

246639	5.4	MEDIUM Network	filemanagerpro	file_manager	The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php an…	CWE-79 Cross-site Scripting	CVE-2018-16363	2024-11-21 12:52	2018-09-8	Show	GitHub Exploit DB Packet Storm

246640	5.3	MEDIUM Network	endress	wirelesshart_fieldgate_swg70_firmware	Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.	CWE-22 Path Traversal	CVE-2018-16059	2024-11-21 12:52	2018-09-8	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed