Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 24, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252221 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における Cookie をキャプチャされる脆弱性 CWE-200
情報漏えい 		CVE-2011-4849 2011-12-20 14:11 2011-12-16 Show GitHub Exploit DB Packet Storm
252222 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4848 2011-12-20 14:10 2011-12-16 Show GitHub Exploit DB Packet Storm
252223 7.5 危険 Parallels - Parallels Plesk Panel の Control Panel における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4847 2011-12-20 12:23 2011-12-16 Show GitHub Exploit DB Packet Storm
252224 4.3 警告 Parallels - Parallels Plesk Panel の Site Editor 機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4777 2011-12-20 12:23 2011-12-16 Show GitHub Exploit DB Packet Storm
252225 4.3 警告 Parallels - Parallels Plesk Panel の Control Panel におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4776 2011-12-20 12:22 2011-12-16 Show GitHub Exploit DB Packet Storm
252226 10 危険 Parallels - Parallels Plesk Small Business Panel の Site Editor 機能における詳細不明な脆弱性 CWE-DesignError
CVE-2011-4768 2011-12-20 12:21 2011-12-16 Show GitHub Exploit DB Packet Storm
252227 5 警告 Parallels - Parallels Plesk Small Business Panel の Site Editor 機能における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4767 2011-12-20 12:21 2011-12-16 Show GitHub Exploit DB Packet Storm
252228 4.3 警告 Parallels - Parallels Plesk Small Business Panel の Site Editor 機能における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-4765 2011-12-20 12:12 2011-12-16 Show GitHub Exploit DB Packet Storm
252229 4.3 警告 Parallels - Parallels Plesk Small Business Panel の Site Editor 機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4764 2011-12-20 12:11 2011-12-16 Show GitHub Exploit DB Packet Storm
252230 7.5 危険 Parallels - Parallels Plesk Small Business Panel の Site Editor 機能における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4763 2011-12-20 12:11 2011-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 24, 2026, 4:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
265411 6.0 MEDIUM
Local 		qemu
canonical
debian 		qemu
ubuntu_linux
debian_linux 		The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of … CWE-787
 Out-of-bounds Write 		CVE-2016-5106 2024-11-21 11:53 2016-09-2 Show GitHub Exploit DB Packet Storm
265412 4.4 MEDIUM
Local 		qemu
canonical
debian 		qemu
ubuntu_linux
debian_linux 		The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest admi… CWE-908
 Use of Uninitialized Resource 		CVE-2016-5105 2024-11-21 11:53 2016-09-2 Show GitHub Exploit DB Packet Storm
265413 6.0 MEDIUM
Local 		qemu
canonical
debian 		qemu
ubuntu_linux
debian_linux 		QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vec… CWE-787
 Out-of-bounds Write 		CVE-2016-4952 2024-11-21 11:53 2016-09-2 Show GitHub Exploit DB Packet Storm
265414 7.8 HIGH
Local 		akabei_soft2 happy_wardrobe AKABEi SOFT2 games allow remote attackers to execute arbitrary OS commands via crafted saved data, as demonstrated by Happy Wardrobe. CWE-78
OS Command  		CVE-2016-4853 2024-11-21 11:53 2016-09-2 Show GitHub Exploit DB Packet Storm
265415 6.1 MEDIUM
Network 		let\'s_php\! simple_chat Cross-site scripting (XSS) vulnerability in Let's PHP! simple chat before 2016-08-15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2016-4851 2024-11-21 11:53 2016-09-2 Show GitHub Exploit DB Packet Storm
265416 6.1 MEDIUM
Network 		clip-bucket clipbucket Cross-site scripting (XSS) vulnerability in ClipBucket before 2.8.1 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2016-4848 2024-11-21 11:53 2016-09-2 Show GitHub Exploit DB Packet Storm
265417 6.5 MEDIUM
Network 		netapp oncommand_system_manager NetApp OnCommand System Manager 8.3.x before 8.3.2P5 allows remote authenticated users to cause a denial of service via unspecified vectors. NVD-CWE-noinfo
CVE-2016-5047 2024-11-21 11:53 2016-09-1 Show GitHub Exploit DB Packet Storm
265418 9.8 CRITICAL
Network 		readydesk readydesk Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary code by uploading and requesting a .aspx file. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2016-5050 2024-11-21 11:53 2016-08-27 Show GitHub Exploit DB Packet Storm
265419 7.5 HIGH
Network 		readydesk readydesk Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk 9.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the SESID parameter in conjunction with a filename in … CWE-22
Path Traversal 		CVE-2016-5049 2024-11-21 11:53 2016-08-27 Show GitHub Exploit DB Packet Storm
265420 9.8 CRITICAL
Network 		readydesk readydesk SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary SQL commands via the user name field. CWE-89
SQL Injection 		CVE-2016-5048 2024-11-21 11:53 2016-08-27 Show GitHub Exploit DB Packet Storm