Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252241	7.5	危険	日本電気アップルアライドテレシスサン・マイクロシステムズ BEAシステムズレッドハット	-	Java Web Start において許可されていないシステムクラスが実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-2435	2011-11-28 16:52	2007-04-30	Show	GitHub Exploit DB Packet Storm

252242	4	警告	サイボウズ	-	サイボウズ Office におけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2677	2011-11-28 16:45	2011-10-7	Show	GitHub Exploit DB Packet Storm

252243	6.8	警告	Zenprise Inc.	-	Zenprise Device Manager にクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-4498	2011-11-28 14:56	2011-11-21	Show	GitHub Exploit DB Packet Storm

252244	7.5	危険	アップル	-	Apple iTunes における脆弱性に対するアップデート	CWE-94 コード・インジェクション	CVE-2008-3434	2011-11-28 14:56	2011-11-15	Show	GitHub Exploit DB Packet Storm

252245	7.5	危険	アップル	-	Apple Time Capsule および AirPort Base Station (802.11n) における複数の脆弱性に対するアップデート	CWE-20 不適切な入力確認	CVE-2011-0997	2011-11-28 14:52	2011-11-11	Show	GitHub Exploit DB Packet Storm

252246	9.3	危険	Aviosoft	-	Aviosoft DTV Player にバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-4496	2011-11-28 14:49	2011-10-11	Show	GitHub Exploit DB Packet Storm

252247	5	警告	デル	-	Dell KACE K2000 System Deployment Appliance に不正ログイン可能な脆弱性	CWE-310 暗号の問題	CVE-2011-4046	2011-11-28 14:49	2011-11-9	Show	GitHub Exploit DB Packet Storm

252248	4.3	警告	デル	-	Dell KACE K2000 System Deployment Appliance に情報漏えいの脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-4048	2011-11-28 14:48	2011-11-9	Show	GitHub Exploit DB Packet Storm

252249	3.5	注意	デル	-	Dell KACE K2000 System Deployment Appliance にクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4436	2011-11-28 14:47	2011-11-9	Show	GitHub Exploit DB Packet Storm

252250	9.3	危険	デル	-	Dell KACE K2000 System Deployment Appliance にコマンドインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2011-4047	2011-11-28 14:46	2011-11-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
258711	5.9	MEDIUM Network	gnu	glibc	The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2017-12132	2024-11-21 12:08	2017-08-2	Show	GitHub Exploit DB Packet Storm

258712	6.1	MEDIUM Network	mantisbt	mantisbt	An XSS issue was discovered in manage_user_page.php in MantisBT 2.x before 2.5.2. The 'filter' field is not sanitized before being rendered in the Manage User page, allowing remote attackers to execu…	CWE-79 Cross-site Scripting	CVE-2017-12062	2024-11-21 12:08	2017-08-2	Show	GitHub Exploit DB Packet Storm

258713	6.1	MEDIUM Network	mantisbt	mantisbt	An XSS issue was discovered in admin/install.php in MantisBT before 1.3.12 and 2.x before 2.5.2. Some variables under user control in the MantisBT installation script are not properly sanitized befor…	CWE-79 Cross-site Scripting	CVE-2017-12061	2024-11-21 12:08	2017-08-2	Show	GitHub Exploit DB Packet Storm

258714	6.5	MEDIUM Network	underbit	mad_libmad	mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decode…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-11552	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

258715	6.1	MEDIUM Network	goldplugins	easy_testimonials	The Easy Testimonials plugin 3.0.4 for WordPress has XSS in include/settings/display.options.php, as demonstrated by the Default Testimonials Width, View More Testimonials Link, and Testimonial Excer…	CWE-79 Cross-site Scripting	CVE-2017-12131	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

258716	6.1	MEDIUM Network	event_list_project	event_list	The Event List plugin 0.7.9 for WordPress has XSS in the slug array parameter to wp-admin/admin.php in an el_admin_categories delete_bulk action.	CWE-79 Cross-site Scripting	CVE-2017-12068	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

258717	7.5	HIGH Network	potrace_project	potrace	Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c.	CWE-125 Out-of-bounds Read	CVE-2017-12067	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

258718	5.4	MEDIUM Network	cacti	cacti	Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer hea…	CWE-79 Cross-site Scripting	CVE-2017-12066	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

258719	9.8	CRITICAL Network	cacti	cacti	spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter.	NVD-CWE-noinfo	CVE-2017-12065	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

258720	7.5	HIGH Network	open-emr	openemr	The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name.	CWE-116 Improper Encoding or Escaping of Output	CVE-2017-12064	2024-11-21 12:08	2017-08-1	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed