Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253141	5.8	警告	The Tor Project	-	Tor における匿名化のためのプロパティを無効にされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2768	2011-12-27 10:54	2011-10-27	Show	GitHub Exploit DB Packet Storm

253142	7.5	危険	PmWiki	-	PmWiki の PageListSort 関数における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-4453	2011-12-27 10:46	2011-11-11	Show	GitHub Exploit DB Packet Storm

253143	-	-	The Support Incident Tracker Project	-	Support Incident Tracker に複数の脆弱性	-	CVE-2011-3831 CVE-2011-3833 CVE-2011-5067 CVE-2011-5068 CVE-2011-5069 CVE-2011-5070	2011-12-27 09:42	2011-12-5	Show	GitHub Exploit DB Packet Storm

253144	9.3	危険	Sielco Sistemi	-	Sielco Sistemi Winlog PRO および Winlog Lite におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-4037	2011-12-26 16:32	2011-12-22	Show	GitHub Exploit DB Packet Storm

253145	5	警告	Moodle	-	Moodle の calendar/set.php における CRLF インジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2011-4203	2011-12-26 16:32	2011-12-22	Show	GitHub Exploit DB Packet Storm

253146	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4634	2011-12-26 16:31	2011-12-1	Show	GitHub Exploit DB Packet Storm

253147	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin の libraries/display_export.lib.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4780	2011-12-26 16:30	2011-12-21	Show	GitHub Exploit DB Packet Storm

253148	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin の libraries/config/ConfigFile.class.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4782	2011-12-26 16:29	2011-12-21	Show	GitHub Exploit DB Packet Storm

253149	6.5	警告	WordPress.org	-	WordPress において任意の PHP コードが実行可能な脆弱性	CWE-94 コード・インジェクション	-	2011-12-26 14:27	2011-12-26	Show	GitHub Exploit DB Packet Storm

253150	4.3	警告	WordPress.org	-	WordPress 日本語版におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2011-12-26 12:01	2011-12-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246311	4.8	MEDIUM Network	seopanel	seo_panel	The Website Manager module in SEO Panel 3.13.0 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated attackers to inject arbitrary web script or …	CWE-79 Cross-site Scripting	CVE-2018-14384	2024-11-21 12:48	2020-03-3	Show	GitHub Exploit DB Packet Storm

246312	7.8	HIGH Local	qualcomm	apq8009_firmware apq8017_firmware apq8053_firmware apq8096_firmware apq8096au_firmware apq8098_firmware ipq8074_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware<…	Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sn…	CWE-120 Classic Buffer Overflow	CVE-2018-13916	2024-11-21 12:48	2019-11-22	Show	GitHub Exploit DB Packet Storm

246313	9.1	CRITICAL Network	cospas-sarsat	cospas-sarsat_system	The COSPAS-SARSAT protocol allows remote attackers to forge messages, replay encrypted messages, conduct denial of service attacks, and send private messages (unrelated to distress alerts) via a craf…	CWE-310 Cryptographic Issues	CVE-2018-14062	2024-11-21 12:48	2019-08-16	Show	GitHub Exploit DB Packet Storm

246314	6.5	MEDIUM Adjacent	arista	eos	Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled.	CWE-287 Improper Authentication	CVE-2018-14008	2024-11-21 12:48	2019-08-16	Show	GitHub Exploit DB Packet Storm

246315	7.5	HIGH Network	ttpsc	the_scheduler	The Transition Technologies "The Scheduler" app 5.1.3 for Jira allows XXE due to a weakly configured/parameterized XML parser. It was fixed in the versions 5.2.1 and 3.3.7	CWE-611 XXE	CVE-2018-14383	2024-11-21 12:48	2019-08-8	Show	GitHub Exploit DB Packet Storm

246316	7.5	HIGH Network	qualcomm	mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs605_firmware sd_210_firmware sd_212_firmware sd_205_firmware …	Clients hostname gets added to DNS record on device which is running dnsmasq resulting in an information exposure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indu…	CWE-200 Information Exposure	CVE-2018-13897	2024-11-21 12:48	2019-07-26	Show	GitHub Exploit DB Packet Storm

246317	7.8	HIGH Local	qualcomm	mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware msm8996au_firmware qcs404_firmware qcs605_firmware sd_410_firmware sd_412_firmware sd_636_firmware sd…	Debug policy with invalid signature can be loaded when the debug policy functionality is disabled by using the parallel image loading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, …	CWE-287 Improper Authentication	CVE-2018-13927	2024-11-21 12:48	2019-07-22	Show	GitHub Exploit DB Packet Storm

246318	9.8	CRITICAL Network	qualcomm	ipq8074_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9625_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware	Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer…	CWE-787 Out-of-bounds Write	CVE-2018-13924	2024-11-21 12:48	2019-07-22	Show	GitHub Exploit DB Packet Storm

246319	7.8	HIGH Local	qualcomm	mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware msm8996au_firmware qcs404_firmware qcs605_firmware qualcomm_215_firmware sd_410_firmware sd_412_firmware…	XBL_SEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBL_SEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdra…	CWE-284 Improper Access Control	CVE-2018-13896	2024-11-21 12:48	2019-07-22	Show	GitHub Exploit DB Packet Storm

246320	6.1	MEDIUM Network	digisol	dg-hr-3300_firmware	Digisol Wireless Wifi Home Router HR-3300 allows XSS via the userid or password parameter to the admin login page.	CWE-79 Cross-site Scripting	CVE-2018-14027	2024-11-21 12:48	2019-07-6	Show	GitHub Exploit DB Packet Storm