Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 2:16 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253161	5	警告	Google	-	Google Chrome の NPAPI 実装におけるサービス運用妨害 (out-of-bounds read) の脆弱性	CWE-119 バッファエラー	CVE-2011-2345	2011-07-20 10:50	2011-06-28	Show	GitHub Exploit DB Packet Storm

253162	7.5	危険	Google	-	Google Chrome の DOM 実装における同一生成元ポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2342	2011-07-20 10:49	2011-06-7	Show	GitHub Exploit DB Packet Storm

253163	7.5	危険	Google	-	Google Chrome にて使用される Google V8 における同一生成元ポリシーを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2332	2011-07-20 10:48	2011-06-7	Show	GitHub Exploit DB Packet Storm

253164	5	警告	Google	-	Google Chrome におけるタブページにスクリプトを挿入される脆弱性	CWE-noinfo 情報不足	CVE-2011-1815	2011-07-19 10:03	2011-06-7	Show	GitHub Exploit DB Packet Storm

253165	5	警告	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 CWE-399	CVE-2011-1814	2011-07-19 10:02	2011-06-7	Show	GitHub Exploit DB Packet Storm

253166	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1813	2011-07-19 10:01	2011-06-7	Show	GitHub Exploit DB Packet Storm

253167	5	警告	Google	-	Google Chrome におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1811	2011-07-19 10:00	2011-06-7	Show	GitHub Exploit DB Packet Storm

253168	7.5	危険	Google	-	Google Chrome におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1812	2011-07-19 09:59	2011-06-7	Show	GitHub Exploit DB Packet Storm

253169	4.3	警告	マイクロソフト	-	ASP.NET におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2011-07-15 12:02	2011-07-15	Show	GitHub Exploit DB Packet Storm

253170	4.3	警告	Google	-	Google 検索アプライアンスにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1339	2011-07-15 12:01	2011-07-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311011	9.8	CRITICAL Network	ivanti	avalanche	Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.	CWE-22 Path Traversal	CVE-2024-47009	2024-10-16 22:26	2024-10-9	Show	GitHub Exploit DB Packet Storm

311012	7.5	HIGH Network	ivanti	avalanche	Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-47008	2024-10-16 22:24	2024-10-9	Show	GitHub Exploit DB Packet Storm

311013	7.5	HIGH Network	ivanti	avalanche	A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service.	CWE-476 NULL Pointer Dereference	CVE-2024-47007	2024-10-16 22:23	2024-10-9	Show	GitHub Exploit DB Packet Storm

311014	6.7	MEDIUM Local	microsoft	windows_server_2012 windows_10_1507 windows_server_2016 windows_server_2022_23h2 windows_10_1809 windows_server_2022 windows_11_21h2 windows_10_21h2 windows_10_22h2 windows…	Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability	NVD-CWE-noinfo	CVE-2024-37983	2024-10-16 22:15	2024-10-9	Show	GitHub Exploit DB Packet Storm

311015	9.8	CRITICAL Network	alisonic	sibylla_firmware	Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete access to the database.	CWE-89 SQL Injection	CVE-2024-8630	2024-10-16 22:15	2024-09-28	Show	GitHub Exploit DB Packet Storm

311016	7.5	HIGH Network	opentext	cx-e_voice	Path Traversal vulnerability discovered in OpenText™ CX-E Voice, affecting all version through 22.4. The vulnerability could allow arbitrarily access files on the system.	CWE-22 Path Traversal	CVE-2023-7260	2024-10-16 21:53	2024-08-23	Show	GitHub Exploit DB Packet Storm

311017	-		-	-	There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local "m2cuser" was greated with administrator privileges. This …	-	CVE-2024-9858	2024-10-16 18:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

311018	-		-	-	A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead…	CWE-1270 Generation of Incorrect Security Tokens	CVE-2023-32188	2024-10-16 18:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

311019	-		-	-	A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). This characteristic also applies t…	-	CVE-2023-22650	2024-10-16 18:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

311020	-		-	-	The BigBlueButton plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the moderator code and viewer code fields in versions up to, and including, 3.0.0-beta.4 due to insufficien…	CWE-79 Cross-site Scripting	CVE-2023-7296	2024-10-16 17:15	2024-10-16	Show	GitHub Exploit DB Packet Storm