Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 13, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252791 4.3 警告 The PHP Group - PHP の Streams コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-1469 2011-04-21 16:46 2011-03-17 Show GitHub Exploit DB Packet Storm
252792 4.3 警告 The PHP Group - PHP の OpenSSL 拡張モジュールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1468 2011-04-21 16:44 2011-03-17 Show GitHub Exploit DB Packet Storm
252793 5 警告 The PHP Group - PHP の NumberFormatter::setSymbol 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-1467 2011-04-21 16:43 2011-03-17 Show GitHub Exploit DB Packet Storm
252794 5 警告 The PHP Group - PHP の SdnToJulian 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-1466 2011-04-21 16:42 2011-03-17 Show GitHub Exploit DB Packet Storm
252795 5 警告 The PHP Group - PHP の grapheme_extract 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2011-0420 2011-04-21 16:40 2011-01-6 Show GitHub Exploit DB Packet Storm
252796 4.3 警告 The PHP Group - PHP の Zip 拡張モジュール内にある _zip_name_locate 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0421 2011-04-21 12:25 2011-03-17 Show GitHub Exploit DB Packet Storm
252797 4.3 警告 The PHP Group - 64-bit プラットフォーム上で稼働している PHP の exif.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2011-0708 2011-04-21 12:24 2011-03-17 Show GitHub Exploit DB Packet Storm
252798 7.5 危険 The PHP Group - PHP の ext/shmop/shmop.c における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2011-1092 2011-04-21 12:22 2011-03-17 Show GitHub Exploit DB Packet Storm
252799 7.5 危険 The PHP Group - PHP の phar_object.c における重要な情報を取得される脆弱性 CWE-134
書式文字列の問題 		CVE-2011-1153 2011-04-21 12:21 2011-03-17 Show GitHub Exploit DB Packet Storm
252800 4.3 警告 アップル - Apple iOS の MobileSafari の URL ハンドラにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-0158 2011-04-8 16:22 2011-03-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 13, 2026, 5:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
254711 7.8 HIGH
Local 		cpuid cpu-z In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver (e.g., cpuz143_x64.sys for version 1.43) that can result in information disclosure or elevation of privileges, be… NVD-CWE-noinfo
CVE-2017-15302 2024-11-21 12:14 2017-10-16 Show GitHub Exploit DB Packet Storm
254712 7.5 HIGH
Network 		mirasys video_management_system Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before 7.5.15, and 8.x before 8.1.1 has a login process in which cleartext data is sent from a server to a client, and not all of this data… CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2017-15290 2024-11-21 12:14 2017-10-13 Show GitHub Exploit DB Packet Storm
254713 6.1 MEDIUM
Network 		bouqueteditor_project bouqueteditor There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI. CWE-79
Cross-site Scripting 		CVE-2017-15287 2024-11-21 12:14 2017-10-13 Show GitHub Exploit DB Packet Storm
254714 7.5 HIGH
Network 		qemu qemu Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2017-15268 2024-11-21 12:14 2017-10-13 Show GitHub Exploit DB Packet Storm
254715 8.8 HIGH
Network 		opentext documentum_content_server OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Ser… CWE-22
Path Traversal 		CVE-2017-15276 2024-11-21 12:14 2017-10-14 Show GitHub Exploit DB Packet Storm
254716 7.5 HIGH
Network 		sqlite sqlite SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never in… CWE-476
 NULL Pointer Dereference 		CVE-2017-15286 2024-11-21 12:14 2017-10-12 Show GitHub Exploit DB Packet Storm
254717 5.4 MEDIUM
Network 		octobercms october Cross-Site Scripting exists in OctoberCMS 1.0.425 (aka Build 425), allowing a least privileged user to upload an SVG file containing malicious code as the Avatar for the profile. When this is opened … CWE-79
Cross-site Scripting 		CVE-2017-15284 2024-11-21 12:14 2017-10-12 Show GitHub Exploit DB Packet Storm
254718 8.8 HIGH
Network 		imagemagick
canonical 		imagemagick
ubuntu_linux 		ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-15281 2024-11-21 12:14 2017-10-12 Show GitHub Exploit DB Packet Storm
254719 5.5 MEDIUM
Local 		umbraco umbraco_cms XML external entity (XXE) vulnerability in Umbraco CMS before 7.7.3 allows attackers to obtain sensitive information by reading files on the server or sending TCP requests to intranet hosts (aka SSRF… CWE-611
XXE 		CVE-2017-15280 2024-11-21 12:14 2017-10-12 Show GitHub Exploit DB Packet Storm
254720 5.4 MEDIUM
Network 		umbraco umbraco_cms Cross-site scripting (XSS) vulnerability in Umbraco CMS before 7.7.3 allows remote attackers to inject arbitrary web script or HTML via the "page name" (aka nodename) parameter during the creation of… CWE-79
Cross-site Scripting 		CVE-2017-15279 2024-11-21 12:14 2017-10-12 Show GitHub Exploit DB Packet Storm