Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253161	7.5	危険	webmastersite	-	WSN Guest の memberlist.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-1061	2012-03-27 18:43	2011-02-22	Show	GitHub Exploit DB Packet Storm

253162	7.5	危険	webmastersite	-	WSN Guest の member 関数における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-1060	2012-03-27 18:43	2011-02-22	Show	GitHub Exploit DB Packet Storm

253163	4.3	警告	アップル Google	-	Google Chrome および他の製品で使用される WebKit の WebCore におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1059	2012-03-27 18:43	2011-02-22	Show	GitHub Exploit DB Packet Storm

253164	2.6	注意	MoinMoin	-	MoinMoin の rst パーサーにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1058	2012-03-27 18:43	2011-02-22	Show	GitHub Exploit DB Packet Storm

253165	6.2	警告	マイクロソフト metasploit	-	Metasploit Framework のインストーラにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1057	2012-03-27 18:43	2011-02-21	Show	GitHub Exploit DB Packet Storm

253166	6.2	警告	マイクロソフト metasploit	-	Metasploit Framework のインストーラにおける権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1056	2012-03-27 18:43	2011-02-21	Show	GitHub Exploit DB Packet Storm

253167	7.5	危険	lingxia273	-	Lingxia I.C.E CMS の api/ice_media.cfc における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-1055	2012-03-27 18:43	2011-02-21	Show	GitHub Exploit DB Packet Storm

253168	10	危険	Hex-Rays	-	Hex-Rays IDA Pro のPEF インプットファイルローダーにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2011-1054	2012-03-27 18:43	2011-02-21	Show	GitHub Exploit DB Packet Storm

253169	4.3	警告	Hex-Rays	-	Hex-Rays IDA Pro の Mach-O インプットファイルローダーにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2011-1053	2012-03-27 18:43	2011-02-21	Show	GitHub Exploit DB Packet Storm

253170	10	危険	Hex-Rays	-	Hex-Rays IDA Pro の PSX/GEOS インプットファイルローダーにおける整数オーバフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-1052	2012-03-27 18:43	2011-02-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
245551	9.8	CRITICAL Network	open_faculty_evaluation_system_project	open_faculty_evaluation_system	Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18757.	CWE-89 SQL Injection	CVE-2018-18758	2024-11-21 12:56	2019-06-20	Show	GitHub Exploit DB Packet Storm

245552	9.8	CRITICAL Network	open_faculty_evaluation_system_project	open_faculty_evaluation_system	Open Faculty Evaluation System 5.6 for PHP 5.6 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18758.	CWE-89 SQL Injection	CVE-2018-18757	2024-11-21 12:56	2019-06-20	Show	GitHub Exploit DB Packet Storm

245553	5.3	MEDIUM Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. Full Path Disclosure (FPD) exists via api/v1/alarms. NOTE: the vendor says "is intentional.	CWE-200 Information Exposure	CVE-2018-18839	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245554	7.5	HIGH Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. Log Injection (or Log Forgery) exists via a %0a sequence in the url parameter to api/v1/registry.	CWE-116 Improper Encoding or Escaping of Output	CVE-2018-18838	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245555	6.1	MEDIUM Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c.	CWE-113 HTTP Response Splitting	CVE-2018-18837	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245556	6.5	MEDIUM Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c.	CWE-94 Code Injection	CVE-2018-18836	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245557	8.8	HIGH Network	tubigan	welcome_to_our_resort	The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/mod_users/controller.php?action=edit.	CWE-352 Origin Validation Error	CVE-2018-18802	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245558	7.5	HIGH Network	columbiaweather	weather_microserver_firmware	In firmware version MS_2.6.9900 of Columbia Weather MicroServer, the BACnet daemon does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the …	CWE-20 Improper Input Validation	CVE-2018-18878	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245559	8.8	HIGH Network	columbiaweather	weather_microserver_firmware	In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alternative configuration page config_main.php that allows manipulation of the device.	CWE-287 Improper Authentication	CVE-2018-18877	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245560	5.3	MEDIUM Network	columbiaweather	weather_microserver_firmware	In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a readouts_rd.php directory traversal issue makes it possible to read any file present on the underlying operating system.	CWE-22 Path Traversal	CVE-2018-18876	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed