Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252201	7.8	危険	シスコシステムズ	-	Cisco Unified Communications Manager におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2009-2050	2011-06-14 10:06	2009-08-26	Show	GitHub Exploit DB Packet Storm

252202	3.5	注意	シスコシステムズ	-	Cisco Unified CCX サーバの CRS 内にある管理インターフェイスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2048	2011-06-14 10:02	2009-07-15	Show	GitHub Exploit DB Packet Storm

252203	6.8	警告	The GIMP Team レッドハット	-	GIMP の PCX プラグインにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-1178	2011-06-14 09:55	2011-05-31	Show	GitHub Exploit DB Packet Storm

252204	3.3	注意	サイバートラスト株式会社レッドハット	-	libvirt の libvirtd におけるサービス運用妨害 (クラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1486	2011-06-14 09:55	2011-05-2	Show	GitHub Exploit DB Packet Storm

252205	6.9	警告	レッドハット	-	PolicyKit の pkexec ユーティリティおよび polkitd デーモンにおける権限を取得される脆弱性	CWE-362 競合状態	CVE-2011-1485	2011-06-14 09:54	2011-04-19	Show	GitHub Exploit DB Packet Storm

252206	9	危険	シスコシステムズ	-	Cisco Unified CCX サーバの CRS 内にある管理インターフェイスにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-2047	2011-06-13 14:51	2009-07-15	Show	GitHub Exploit DB Packet Storm

252207	6.8	警告	シスコシステムズ	-	Cisco Video Surveillance 2500 Series IP Camera 上の組込み Web サーバにおける任意のファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2009-2046	2011-06-13 14:49	2009-06-24	Show	GitHub Exploit DB Packet Storm

252208	7.8	危険	シスコシステムズ	-	Cisco Video Surveillance Stream Manager におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2009-2045	2011-06-13 14:47	2009-06-24	Show	GitHub Exploit DB Packet Storm

252209	7.5	危険	The GIMP Team レッドハット	-	GIMP の PSP プラグインにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4543	2011-06-13 14:44	2011-01-7	Show	GitHub Exploit DB Packet Storm

252210	6.8	警告	The GIMP Team レッドハット	-	GIMP の GFIG プラグインにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4542	2011-06-13 14:43	2011-01-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
257941	6.5	MEDIUM Network	plone	plone	Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part…	NVD-CWE-noinfo	CVE-2017-1000483	2024-11-21 12:04	2018-01-4	Show	GitHub Exploit DB Packet Storm

257942	5.4	MEDIUM Network	plone	plone	A member of the Plone 2.5-5.1rc1 site could set javascript in the home_page property of his profile, and have this executed when a visitor click the home page link on the author page.	CWE-79 Cross-site Scripting	CVE-2017-1000482	2024-11-21 12:04	2018-01-4	Show	GitHub Exploit DB Packet Storm

257943	9.8	CRITICAL Network	smarty	smarty	Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.	CWE-94 Code Injection	CVE-2017-1000480	2024-11-21 12:04	2018-01-4	Show	GitHub Exploit DB Packet Storm

257944	6.1	MEDIUM Network	plone	plone	When you visit a page where you need to login, Plone 2.5-5.1rc1 sends you to the login form with a 'came_from' parameter set to the previous url. After you login, you get redirected to the page you t…	CWE-601 Open Redirect	CVE-2017-1000481	2024-11-21 12:04	2018-01-4	Show	GitHub Exploit DB Packet Storm

257945	8.8	HIGH Network	opnsense_project netgate	opnsense pfsense	pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Fram…	CWE-352 Origin Validation Error	CVE-2017-1000479	2024-11-21 12:04	2018-01-4	Show	GitHub Exploit DB Packet Storm

257946	5.4	MEDIUM Network	elabftw	elabftw	ELabftw version 1.7.8 is vulnerable to stored cross-site scripting in the experiment infos component resulting in arbitrary execution of JavaScript and denial of service.	CWE-79 Cross-site Scripting	CVE-2017-1000478	2024-11-21 12:04	2018-01-4	Show	GitHub Exploit DB Packet Storm

257947	7.5	HIGH Network	xmlbundle_project	xmlbundle	XMLBundle version 0.1.7 is vulnerable to XXE attacks which can result in denial of service attacks.	CWE-611 XXE	CVE-2017-1000477	2024-11-21 12:04	2018-01-4	Show	GitHub Exploit DB Packet Storm

257948	6.5	MEDIUM Network	imagemagick debian canonical	imagemagick debian_linux ubuntu_linux	ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.	CWE-400 Uncontrolled Resource Consumption	CVE-2017-1000476	2024-11-21 12:04	2018-01-4	Show	GitHub Exploit DB Packet Storm

257949	6.5	MEDIUM Network	mautic acquia	mautic	Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any authorized Mautic user session (must be logged into Mautic) to use the Filemanager to download any file from the server that the web user…	CWE-22 Path Traversal	CVE-2017-1000490	2024-11-21 12:04	2018-01-4	Show	GitHub Exploit DB Packet Storm

257950	8.1	HIGH Network	mautic acquia	mautic	Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address	CWE-287 Improper Authentication	CVE-2017-1000489	2024-11-21 12:04	2018-01-4	Show	GitHub Exploit DB Packet Storm