Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 27, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252261	4.3	警告	gphemsley	-	SASHA の inc/lib/lib.base.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5042	2012-01-5 16:11	2011-12-30	Show	GitHub Exploit DB Packet Storm

252262	4.3	警告	PulseCMS	-	Pulse Pro CMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5041	2012-01-5 16:10	2011-12-30	Show	GitHub Exploit DB Packet Storm

252263	4.3	警告	Infoproject	-	Infoproject Biznis Heroj におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5040	2012-01-5 14:27	2011-12-30	Show	GitHub Exploit DB Packet Storm

252264	7.5	危険	Infoproject	-	Infoproject Biznis Heroj における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-5039	2012-01-5 14:26	2011-12-30	Show	GitHub Exploit DB Packet Storm

252265	7.5	危険	hitCode	-	hitCode hitAppoint における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-5038	2012-01-5 14:24	2011-12-30	Show	GitHub Exploit DB Packet Storm

252266	4.4	警告	ConfigServer	-	ConfigServer Security & Firewall におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-5033	2012-01-5 14:21	2011-12-10	Show	GitHub Exploit DB Packet Storm

252267	4.9	警告	WinMount	-	WinMount の WMDrive.sys におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2011-5032	2012-01-5 14:20	2011-12-29	Show	GitHub Exploit DB Packet Storm

252268	7.5	危険	Shilpi Computers Limited.	-	cApexWEB の servlet/capexweb.parentvalidatepassword における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-5031	2012-01-5 14:19	2011-12-29	Show	GitHub Exploit DB Packet Storm

252269	3.5	注意	valthebald	-	Drupal 用 Meta tags quick モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5030	2012-01-5 14:18	2011-12-14	Show	GitHub Exploit DB Packet Storm

252270	4.3	警告	Alexander Palmo	-	Simple PHP Blog におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5029	2012-01-5 11:07	2011-12-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246781	9.8	CRITICAL Network	mingw-w64	mingw-w64	Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination (CWE-170) vulnerability in mingw-w64-crt (libc)->(v)snprintf that can result in The bug may be used t…	NVD-CWE-noinfo	CVE-2018-1000101	2024-11-21 12:39	2018-03-7	Show	GitHub Exploit DB Packet Storm

246782	7.8	HIGH Local	gpac_project canonical	gpac ubuntu_linux	GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. This…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-1000100	2024-11-21 12:39	2018-03-7	Show	GitHub Exploit DB Packet Storm

246783	7.5	HIGH Network	memcached canonical debian redhat	memcached ubuntu_linux debian_linux openstack	Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial …	CWE-400 Uncontrolled Resource Consumption	CVE-2018-1000115	2024-11-21 12:39	2018-03-5	Show	GitHub Exploit DB Packet Storm

246784	6.1	MEDIUM Network	microsoft	identity_manager	Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not properly sanitize a specially crafted attribute value being displayed to a user on an affected MIM …	CWE-79 Cross-site Scripting	CVE-2018-0908	2024-11-21 12:39	2018-02-27	Show	GitHub Exploit DB Packet Storm

246785	5.3	MEDIUM Network	jenkins oracle	jenkins communications_cloud_native_core_automated_test_suite	An improper input validation vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to access plugin resource files in the META-INF and WEB-IN…	CWE-200 Information Exposure	CVE-2018-1000068	2024-11-21 12:39	2018-02-16	Show	GitHub Exploit DB Packet Storm

246786	5.3	MEDIUM Network	jenkins oracle	jenkins communications_cloud_native_core_automated_test_suite	An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited info…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2018-1000067	2024-11-21 12:39	2018-02-16	Show	GitHub Exploit DB Packet Storm

246787	5.4	MEDIUM Network	microsoft	sharepoint_enterprise_server	SharePoint Server 2016 allows an elevation of privilege vulnerability due to how web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".	CWE-79 Cross-site Scripting	CVE-2018-0869	2024-11-21 12:39	2018-02-15	Show	GitHub Exploit DB Packet Storm

246788	5.4	MEDIUM Network	microsoft	sharepoint_server	SharePoint Project Server 2013 and SharePoint Enterprise Server 2016 allow an information disclosure vulnerability due to how web requests are handled, aka "Microsoft SharePoint Information Disclosur…	CWE-79 Cross-site Scripting	CVE-2018-0864	2024-11-21 12:39	2018-02-15	Show	GitHub Exploit DB Packet Storm

246789	7.5	HIGH Network	microsoft	edge	Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corrup…	CWE-787 Out-of-bounds Write	CVE-2018-0861	2024-11-21 12:39	2018-02-15	Show	GitHub Exploit DB Packet Storm

246790	7.5	HIGH Network	microsoft	edge	Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, ak…	CWE-787 Out-of-bounds Write	CVE-2018-0860	2024-11-21 12:39	2018-02-15	Show	GitHub Exploit DB Packet Storm