Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252581	9.3	危険	マイクロソフト	-	Microsoft Forefront UAG の MicrosoftClient.jar における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-1969	2011-10-21 15:31	2011-10-11	Show	GitHub Exploit DB Packet Storm

252582	4.3	警告	マイクロソフト	-	Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1897	2011-10-21 15:30	2011-10-11	Show	GitHub Exploit DB Packet Storm

252583	4.3	警告	マイクロソフト	-	Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1896	2011-10-21 15:30	2011-10-11	Show	GitHub Exploit DB Packet Storm

252584	9.3	危険	マイクロソフト	-	Microsoft Forefront UAG 2010 における CRLF インジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2011-1895	2011-10-21 15:28	2011-10-11	Show	GitHub Exploit DB Packet Storm

252585	9.3	危険	マイクロソフト	-	Microsoft .NET Framework および Silverlight における任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1253	2011-10-21 15:27	2011-10-11	Show	GitHub Exploit DB Packet Storm

252586	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2011-2011	2011-10-21 15:26	2011-10-11	Show	GitHub Exploit DB Packet Storm

252587	9.3	危険	マイクロソフト	-	Microsoft Windows の win32k.sys のバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-2003	2011-10-21 15:25	2011-10-11	Show	GitHub Exploit DB Packet Storm

252588	4.7	警告	マイクロソフト	-	Microsoft Windows の win32k.sys におけるサービス運用妨害 (システムハング) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-2002	2011-10-21 15:25	2011-10-11	Show	GitHub Exploit DB Packet Storm

252589	7.2	危険	マイクロソフト	-	Microsoft Windows の win32k.sys における権限昇格またはサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2011-1985	2011-10-21 15:24	2011-10-11	Show	GitHub Exploit DB Packet Storm

252590	9.3	危険	マイクロソフト	-	Microsoft Windows Vista および Windows 7 の Windows Media Center における権限昇格の脆弱性	CWE-Other その他	CVE-2011-2009	2011-10-21 15:24	2011-10-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
254501	6.5	MEDIUM Network	piwigo	piwigo	The application Piwigo is affected by an SQL injection vulnerability in version 2.9.2 and possibly prior. This vulnerability allows remote authenticated attackers to obtain information in the context…	CWE-89 SQL Injection	CVE-2017-16893	2024-11-21 12:17	2017-12-2	Show	GitHub Exploit DB Packet Storm

254502	5.5	MEDIUM Local	vim debian canonical	vim debian_linux ubuntu_linux	fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local user…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2017-17087	2024-11-21 12:17	2017-12-1	Show	GitHub Exploit DB Packet Storm

254503	9.8	CRITICAL Network	inedo	otter	Indeo Otter through 1.7.4 mishandles a "</script>" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as…	CWE-20 Improper Input Validation	CVE-2017-17086	2024-11-21 12:17	2017-12-1	Show	GitHub Exploit DB Packet Storm

254504	7.5	HIGH Network	wireshark debian	wireshark debian_linux	In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2017-17085	2024-11-21 12:17	2017-12-1	Show	GitHub Exploit DB Packet Storm

254505	7.5	HIGH Network	wireshark debian	wireshark debian_linux	In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2017-17084	2024-11-21 12:17	2017-12-1	Show	GitHub Exploit DB Packet Storm

254506	7.5	HIGH Network	wireshark debian	wireshark debian_linux	In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginni…	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2017-17083	2024-11-21 12:17	2017-12-1	Show	GitHub Exploit DB Packet Storm

254507	6.5	MEDIUM Network	ffmpeg	ffmpeg	The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service (integer signedne…	CWE-125 Out-of-bounds Read	CVE-2017-17081	2024-11-21 12:17	2017-12-1	Show	GitHub Exploit DB Packet Storm

254508	5.5	MEDIUM Local	gnu	binutils	elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of servic…	CWE-125 Out-of-bounds Read	CVE-2017-17080	2024-11-21 12:17	2017-12-1	Show	GitHub Exploit DB Packet Storm

254509	7.5	HIGH Network	dlink	dir-605l_model_b_firmware	An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB06_hbrf devices, related to the code that handles the authentication values for HNAP. An attacker can cause a denial of service (d…	CWE-20 Improper Input Validation	CVE-2017-17065	2024-11-21 12:17	2017-12-1	Show	GitHub Exploit DB Packet Storm

254510	9.8	CRITICAL Network	splunk	splunk	Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the SAML authType is enabled, mishandles SAML, which …	CWE-863 Incorrect Authorization	CVE-2017-17067	2024-11-21 12:17	2017-11-30	Show	GitHub Exploit DB Packet Storm