Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 21, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252311	7.5	危険	IBM	-	IBM Tivoli Netcool/Reporter における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-4668	2011-12-5 16:07	2011-12-2	Show	GitHub Exploit DB Packet Storm

252312	5	警告	Schneider Electric	-	Schneider Electric の複数の製品におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-4036	2011-12-5 16:06	2011-10-24	Show	GitHub Exploit DB Packet Storm

252313	4.3	警告	Schneider Electric	-	Schneider Electric の複数の製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4035	2011-12-5 16:05	2011-10-24	Show	GitHub Exploit DB Packet Storm

252314	9.3	危険	Schneider Electric	-	Steema TeeChart ActiveX コントロールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-4034	2011-12-5 16:05	2011-10-24	Show	GitHub Exploit DB Packet Storm

252315	4.3	警告	Schneider Electric	-	Steema TeeChart ActiveX コントロールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-4033	2011-12-5 16:03	2011-10-24	Show	GitHub Exploit DB Packet Storm

252316	5	警告	PrestaShop	-	Prestashop の admin/displayImage.php における CRLF インジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2011-4545	2011-12-5 16:01	2011-12-2	Show	GitHub Exploit DB Packet Storm

252317	4.3	警告	PrestaShop	-	Prestashop におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4544	2011-12-5 16:00	2011-12-1	Show	GitHub Exploit DB Packet Storm

252318	4.3	警告	atmail pty ltd	-	AtMail Open におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4540	2011-12-5 15:58	2011-12-1	Show	GitHub Exploit DB Packet Storm

252319	2.6	注意	CloudBees	-	CloudBees Jenkins の Jenkins Core におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4344	2011-12-2 15:50	2011-11-8	Show	GitHub Exploit DB Packet Storm

252320	4.3	警告	シュナイダーエレクトリック株式会社 (旧社名株式会社エーピーシー・ジャパン)	-	PowerChute Business Edition におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4263	2011-12-2 12:01	2011-12-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
258681	6.5	MEDIUM Network	synology	photo_station	Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via th…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2017-12071	2024-11-21 12:08	2017-09-8	Show	GitHub Exploit DB Packet Storm

258682	5.4	MEDIUM Network	wolfcms	wolf_cms	Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of the file name in a "create-file-popup" action, and the directory name in a "cr…	CWE-79 Cross-site Scripting	CVE-2017-11611	2024-11-21 12:08	2017-09-8	Show	GitHub Exploit DB Packet Storm

258683	5.9	MEDIUM Network	gnu	glibc	Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors rel…	CWE-416 Use After Free	CVE-2017-12133	2024-11-21 12:08	2017-09-7	Show	GitHub Exploit DB Packet Storm

258684	8.8	HIGH Network	cesanta	mongoose_embedded_web_server_library	Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server before 6.9 allows remote attackers to hijack the authentication of users for requests that modify Mongoose.conf via a request to…	CWE-352 Origin Validation Error	CVE-2017-11567	2024-11-21 12:08	2017-09-7	Show	GitHub Exploit DB Packet Storm

258685	8.2	HIGH Network	siemens ocpfoundation	simatic_pcs7 wincc ua_.net local_discovery_server	An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7…	CWE-611 XXE	CVE-2017-12069	2024-11-21 12:08	2017-08-31	Show	GitHub Exploit DB Packet Storm

258686	4.9	MEDIUM Network	synology	router_manager	Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resourc…	CWE-400 Uncontrolled Resource Consumption	CVE-2017-12077	2024-11-21 12:08	2017-08-29	Show	GitHub Exploit DB Packet Storm

258687	4.9	MEDIUM Network	synology	diskstation_manager	Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) before 6.1.1-15088 allows remote authenticated attacker to exhaust the memory resources…	CWE-400 Uncontrolled Resource Consumption	CVE-2017-12076	2024-11-21 12:08	2017-08-29	Show	GitHub Exploit DB Packet Storm

258688	6.5	MEDIUM Network	synology	dns_server	Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name…	CWE-22 Path Traversal	CVE-2017-12074	2024-11-21 12:08	2017-08-25	Show	GitHub Exploit DB Packet Storm

258689	8.8	HIGH Local	xen citrix debian	xen xenserver debian_linux	arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.	CWE-120 Classic Buffer Overflow	CVE-2017-12137	2024-11-21 12:08	2017-08-24	Show	GitHub Exploit DB Packet Storm

258690	7.8	HIGH Local	xen citrix debian	xen xenserver debian_linux	Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the hos…	CWE-362 Race Condition	CVE-2017-12136	2024-11-21 12:08	2017-08-24	Show	GitHub Exploit DB Packet Storm