Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 24, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253231 6.8 警告 postrev - Post Revolution におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2011-1954 2012-03-27 18:43 2011-05-22 Show GitHub Exploit DB Packet Storm
253232 4.3 警告 postrev - Post Revolution の common.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1953 2012-03-27 18:43 2011-05-22 Show GitHub Exploit DB Packet Storm
253233 5 警告 postrev - Post Revolution の common.php におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1952 2012-03-27 18:43 2011-05-22 Show GitHub Exploit DB Packet Storm
253234 4.3 警告 pcre.org
balabit		 - Balabit syslog-ng の lib/logmatcher.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1951 2012-03-27 18:43 2011-05-3 Show GitHub Exploit DB Packet Storm
253235 5.5 警告 Plone Foundation - Plone の plone.app.users における任意のアカウントのプロパティを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1950 2012-03-27 18:43 2011-06-6 Show GitHub Exploit DB Packet Storm
253236 3.5 注意 Plone Foundation - Plone の safe_html フィルタにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1949 2012-03-27 18:43 2011-06-6 Show GitHub Exploit DB Packet Storm
253237 4.3 警告 Plone Foundation - Plone におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1948 2012-03-27 18:43 2011-06-6 Show GitHub Exploit DB Packet Storm
253238 5 警告 Fetchmail Project - fetchmail におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-1947 2012-03-27 18:43 2011-06-2 Show GitHub Exploit DB Packet Storm
253239 7.2 危険 hongli lai - libgnomesu の gnomesu-pam-backend における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1946 2012-03-27 18:43 2011-07-7 Show GitHub Exploit DB Packet Storm
253240 2.1 注意 Fedora Project
レッドハット		 - Fedora の NetworkManager パッケージの libnm-util の destroy_one_secret 関数における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-1943 2012-03-27 18:43 2011-06-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
245521 8.1 HIGH
Network 		octobercms october October CMS version prior to Build 437 contains a Local File Inclusion vulnerability in modules/system/traits/ViewMaker.php#244 (makeFileContents function) that can result in Sensitive information di… CWE-200
Information Exposure 		CVE-2018-1999009 2024-11-21 12:57 2018-07-24 Show GitHub Exploit DB Packet Storm
245522 5.4 MEDIUM
Network 		octobercms october October CMS version prior to build 437 contains a Cross Site Scripting (XSS) vulnerability in the Media module and create folder functionality that can result in an Authenticated user with media modu… CWE-79
Cross-site Scripting 		CVE-2018-1999008 2024-11-21 12:57 2018-07-24 Show GitHub Exploit DB Packet Storm
245523 7.5 HIGH
Network 		dlink dir-850l_firmare An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by send… CWE-287
Improper Authentication 		CVE-2018-18907 2024-11-21 12:56 2022-06-17 Show GitHub Exploit DB Packet Storm
245524 5.3 MEDIUM
Network 		avanquest
foxitsoftware
gonitro
iskysoft
pdfforge
qoppa
sodapdf
soft-xpansion
tracker-software
visagesoft 		expert_pdf_ultimate
pdf_experte_ultimate
foxit_reader
nitro_pro
nitro_reader
pdf_editor_6
pdfelement6
pdf_architect
pdf_studio
pdf_studio_viewer_2018
soda_pdf
soda_pd… 		The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exis… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2018-18689 2024-11-21 12:56 2021-01-8 Show GitHub Exploit DB Packet Storm
245525 5.3 MEDIUM
Network 		code-industry
foxitsoftware
gonitro
iskysoft
libreoffice
nuance
qoppa
soft-xpansion 		master_pdf_editor
foxit_reader
phantompdf
nitro_pro
nitro_reader
pdf_editor_6
pdfelement6
libreoffice
power_pdf_standard
pdf_studio
pdf_studio_viewer_2018
perfect_pdf… 		The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exi… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2018-18688 2024-11-21 12:56 2021-01-8 Show GitHub Exploit DB Packet Storm
245526 6.5 MEDIUM
Network 		mozilla
siemens 		network_security_services
ruggedcom_rox_mx5000_firmware
ruggedcom_rox_rx1400_firmware
ruggedcom_rox_rx1500_firmware
ruggedcom_rox_rx1501_firmware
ruggedcom_rox_rx1510_firmware
rugge… 		In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service. CWE-476
 NULL Pointer Dereference 		CVE-2018-18508 2024-11-21 12:56 2020-10-23 Show GitHub Exploit DB Packet Storm
245527 6.1 MEDIUM
Network 		grafana grafana Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099. CWE-79
Cross-site Scripting 		CVE-2018-18625 2024-11-21 12:56 2020-06-3 Show GitHub Exploit DB Packet Storm
245528 6.1 MEDIUM
Network 		grafana grafana Grafana 5.3.1 has XSS via a column style on the "Dashboard > Table Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099. CWE-79
Cross-site Scripting 		CVE-2018-18624 2024-11-21 12:56 2020-06-3 Show GitHub Exploit DB Packet Storm
245529 6.1 MEDIUM
Network 		grafana grafana Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099. CWE-79
Cross-site Scripting 		CVE-2018-18623 2024-11-21 12:56 2020-06-3 Show GitHub Exploit DB Packet Storm
245530 5.3 MEDIUM
Network 		incsub hustle The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing via the views/admin/dashboard/ URI. CWE-22
Path Traversal 		CVE-2018-18576 2024-11-21 12:56 2020-03-18 Show GitHub Exploit DB Packet Storm