Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252361 6.9 警告 マイクロソフト - Microsoft Windows 7 における Internet Explorer サンドボックスの制限を回避される脆弱性 CWE-noinfo
情報不足 		CVE-2011-4695 2011-12-12 16:39 2011-12-7 Show GitHub Exploit DB Packet Storm
252362 9.3 危険 アップル
アドビシステムズ
マイクロソフト		 - Windows および Mac OS X 上で稼働する Adobe Flash Player における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-4694 2011-12-12 16:38 2011-12-7 Show GitHub Exploit DB Packet Storm
252363 9.3 危険 アップル
アドビシステムズ
マイクロソフト		 - Windows および Mac OS X 上で稼働する Adobe Flash Player における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-4693 2011-12-12 16:37 2011-12-7 Show GitHub Exploit DB Packet Storm
252364 5 警告 アップル
Google		 - WebKit におけるブラウザキャッシュ内の画像データの存在を推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4692 2011-12-12 16:36 2011-12-7 Show GitHub Exploit DB Packet Storm
252365 5 警告 Google - Google Chrome におけるブラウザキャッシュ内の文書の存在を容易に推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4691 2011-12-12 16:34 2011-12-7 Show GitHub Exploit DB Packet Storm
252366 5 警告 Opera Software ASA - Opera におけるブラウザキャッシュ内の文書の存在を容易に推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4690 2011-12-12 16:33 2011-12-7 Show GitHub Exploit DB Packet Storm
252367 5 警告 マイクロソフト - Microsoft Internet Explorer における文書の存在を容易に推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4689 2011-12-12 16:33 2011-12-7 Show GitHub Exploit DB Packet Storm
252368 5 警告 Mozilla Foundation - Mozilla Firefox におけるブラウザキャッシュ内の文書の存在を容易に推測される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4688 2011-12-12 16:31 2011-12-7 Show GitHub Exploit DB Packet Storm
252369 4.3 警告 Mozilla Foundation - 複数の Mozilla 製品のレイアウトエンジンにおける重要な情報を取得される脆弱性 CWE-362
競合状態 		CVE-2010-5074 2011-12-12 16:22 2010-03-31 Show GitHub Exploit DB Packet Storm
252370 5 警告 Google - Google Chrome の JavaScript 実装における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-5073 2011-12-12 16:21 2011-12-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
254471 7.8 HIGH
Local 		7-zip
debian 		7-zip
p7zip
debian_linux 		Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potential… CWE-787
 Out-of-bounds Write 		CVE-2017-17969 2024-11-21 12:19 2018-01-31 Show GitHub Exploit DB Packet Storm
254472 7.8 HIGH
Local 		linux
canonical 		linux_kernel
ubuntu_linux 		drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact becau… CWE-476
 NULL Pointer Dereference 		CVE-2017-18079 2024-11-21 12:19 2018-01-29 Show GitHub Exploit DB Packet Storm
254473 7.8 HIGH
Local 		systemd_project
debian
opensuse 		systemd
debian_linux
leap 		systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass… CWE-59
Link Following 		CVE-2017-18078 2024-11-21 12:19 2018-01-29 Show GitHub Exploit DB Packet Storm
254474 7.5 HIGH
Network 		brace_expansion_project brace_expansion index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expression Denial of Service (ReDoS) attacks, as demonstrated by an expand argument containing many comma characters. CWE-20
 Improper Input Validation  		CVE-2017-18077 2024-11-21 12:19 2018-01-27 Show GitHub Exploit DB Packet Storm
254475 9.8 CRITICAL
Network 		perfexcrm perfex_crm In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2017-17976 2024-11-21 12:19 2018-01-27 Show GitHub Exploit DB Packet Storm
254476 7.5 HIGH
Network 		omniauth
debian 		omniauth
debian_linux 		In strategy.rb in OmniAuth before 1.3.2, the authenticity_token value is improperly protected because POST (in addition to GET) parameters are stored in the session and become available in the enviro… NVD-CWE-noinfo
CVE-2017-18076 2024-11-21 12:19 2018-01-27 Show GitHub Exploit DB Packet Storm
254477 7.8 HIGH
Local 		linux
canonical 		linux_kernel
ubuntu_linux 		crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_… CWE-763
 Release of Invalid Pointer or Reference 		CVE-2017-18075 2024-11-21 12:19 2018-01-24 Show GitHub Exploit DB Packet Storm
254478 4.4 MEDIUM
Local 		qemu
debian 		qemu
debian_linux 		The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via ve… CWE-125
Out-of-bounds Read 		CVE-2017-18030 2024-11-21 12:19 2018-01-24 Show GitHub Exploit DB Packet Storm
254479 9.8 CRITICAL
Network 		fairsketch rise_ultimate_project_manager SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/. CWE-89
SQL Injection 		CVE-2017-17999 2024-11-21 12:19 2018-01-24 Show GitHub Exploit DB Packet Storm
254480 5.5 MEDIUM
Local 		silverstripe silverstripe In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without… CWE-74
Injection 		CVE-2017-18049 2024-11-21 12:19 2018-01-23 Show GitHub Exploit DB Packet Storm