Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252131	9.3	危険	マイクロソフト	-	Microsoft Office 2007 および 2010 における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-1982	2011-10-20 16:19	2011-09-13	Show	GitHub Exploit DB Packet Storm

252132	7.2	危険	マイクロソフト	-	Windows Server 2003 および 2008 の WINS における権限昇格の脆弱性性	CWE-264 認可・権限・アクセス制御	CVE-2011-1984	2011-10-20 16:19	2011-09-13	Show	GitHub Exploit DB Packet Storm

252133	9.3	危険	マイクロソフト	-	Microsoft Excel 2003 における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2011-1986	2011-10-20 16:18	2011-09-13	Show	GitHub Exploit DB Packet Storm

252134	9.3	危険	マイクロソフト	-	複数の Microsoft Excel 製品における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-1987	2011-10-20 16:18	2011-09-13	Show	GitHub Exploit DB Packet Storm

252135	9.3	危険	マイクロソフト	-	複数の Microsoft Excel 製品における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-1988	2011-10-20 16:18	2011-09-13	Show	GitHub Exploit DB Packet Storm

252136	9.3	危険	マイクロソフト	-	複数の Microsoft Excel 製品における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-1989	2011-10-20 16:17	2011-09-13	Show	GitHub Exploit DB Packet Storm

252137	9.3	危険	マイクロソフト	-	複数の Microsoft Excel 製品における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-1990	2011-10-20 16:17	2011-09-13	Show	GitHub Exploit DB Packet Storm

252138	9.3	危険	マイクロソフト	-	Microsoft Windows における権限昇格の脆弱性	CWE-Other その他	CVE-2011-1991	2011-10-20 16:17	2011-09-13	Show	GitHub Exploit DB Packet Storm

252139	9.3	危険	アドビシステムズ	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-2442	2011-10-20 16:14	2011-09-13	Show	GitHub Exploit DB Packet Storm

252140	9.3	危険	アドビシステムズ	-	Adobe Reader および Acrobat の CoolType.dll におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-2441	2011-10-20 16:14	2011-09-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
281881	8.8	HIGH Network	fresh-media	brute_force_login_protection	Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests tha…	CWE-352 Origin Validation Error	CVE-2014-5034	2024-11-21 11:11	2018-04-7	Show	GitHub Exploit DB Packet Storm

281882	9.8	CRITICAL Network	drupal	storage_api	The Storage API module 7.x before 7.x-1.6 for Drupal might allow remote attackers to execute arbitrary code by leveraging failure to update .htaccess file contents after SA-CORE-2013-003.	CWE-20 Improper Input Validation	CVE-2014-5170	2024-11-21 11:11	2018-03-30	Show	GitHub Exploit DB Packet Storm

281883	6.5	MEDIUM Network	reviewboard	review_board	The Original File and Patched File resources in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allow remote authenticated users to bypass intended access restrictions and obtain sensitive in…	CWE-200 Information Exposure	CVE-2014-5028	2024-11-21 11:11	2018-03-30	Show	GitHub Exploit DB Packet Storm

281884	4.3	MEDIUM Network	avolvesoftware	projectdox	Avolve Software ProjectDox 8.1 allows remote attackers to enumerate users via vectors related to email addresses.	CWE-200 Information Exposure	CVE-2014-5132	2024-11-21 11:11	2018-03-28	Show	GitHub Exploit DB Packet Storm

281885	6.5	MEDIUM Network	avolvesoftware	projectdox	Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse.	CWE-200 Information Exposure	CVE-2014-5131	2024-11-21 11:11	2018-03-28	Show	GitHub Exploit DB Packet Storm

281886	6.5	MEDIUM Network	avolvesoftware	projectdox	Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information from other users via vectors involving a direct access token.	CWE-200 Information Exposure	CVE-2014-5130	2024-11-21 11:11	2018-03-28	Show	GitHub Exploit DB Packet Storm

281887	9.8	CRITICAL Network	google	android	DISPUTED SQL injection vulnerability in SQLiteDatabase.java in the SQLi Api in Android allows remote attackers to execute arbitrary SQL commands via the delete method.	CWE-89 SQL Injection	CVE-2014-4959	2024-11-21 11:11	2018-03-28	Show	GitHub Exploit DB Packet Storm

281888	9.8	CRITICAL Network	frog_cms_project	frog_cms	An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension validation.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2014-4912	2024-11-21 11:11	2018-03-22	Show	GitHub Exploit DB Packet Storm

281889	8.8	HIGH Network	invisioncommunity	invision_power_board	SQL injection vulnerability in Invision Power Board (aka IPB or IP.Board) before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the cId parameter.	CWE-89 SQL Injection	CVE-2014-4928	2024-11-21 11:11	2018-03-21	Show	GitHub Exploit DB Packet Storm

281890	9.8	CRITICAL Network	thycotic	secret_server	The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended.	CWE-255 Credentials Management	CVE-2014-4861	2024-11-21 11:11	2018-03-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed