Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253291	4.3	警告	Redmine	-	Redmine の app/views/layouts/base.rhtml におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1723	2012-03-27 18:43	2011-04-19	Show	GitHub Exploit DB Packet Storm

253292	7.5	危険	Web-Empowered Church Team	-	TYPO3 の WEC Discussion Forum (wec_discussion) 拡張機能における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-1722	2012-03-27 18:43	2011-04-7	Show	GitHub Exploit DB Packet Storm

253293	4.3	警告	obspm	-	WebJaxe の php/partie_administrateur/administration.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-1721	2012-03-27 18:43	2011-04-19	Show	GitHub Exploit DB Packet Storm

253294	9.3	危険	CA Technologies	-	CA Output Management Web Viewer の Web Viewer ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-1719	2012-03-27 18:43	2011-04-20	Show	GitHub Exploit DB Packet Storm

253295	4.3	警告	CA Technologies	-	CA SiteMinder の Web Agents コンポーネントにおけるなりすまし攻撃の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1718	2012-03-27 18:43	2011-04-20	Show	GitHub Exploit DB Packet Storm

253296	4.3	警告	Xymon	-	Xymon の Web UI におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1716	2012-03-27 18:43	2011-04-18	Show	GitHub Exploit DB Packet Storm

253297	5	警告	qooxdoo eyeOS Project	-	eyeOS などの製品で使用される QooxDoo におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-1715	2012-03-27 18:43	2011-04-18	Show	GitHub Exploit DB Packet Storm

253298	4.3	警告	qooxdoo eyeOS Project	-	eyeOS などの製品で使用される QooxDoo におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1714	2012-03-27 18:43	2011-04-18	Show	GitHub Exploit DB Packet Storm

253299	4.3	警告	マイクロソフト	-	Windows 7 の Internet Explorer 8 で使用される Microsoft msxml.dll におけるヒープメモリアドレスに関する重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-1713	2012-03-27 18:43	2011-04-15	Show	GitHub Exploit DB Packet Storm

253300	4.3	警告	Mozilla Foundation	-	Mozilla Firefox および SeaMonkeｙの txXPathNodeUtils::getXSLTId 関数におけるヒープメモリのアドレスに関する重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-1712	2012-03-27 18:43	2011-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
245501	5.4	MEDIUM Network	jenkins oracle	jenkins communications_cloud_native_core_automated_test_suite	A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in BuildTimelineWidget.java, BuildTimelineWidget/control.jelly that allows attackers with Job/Configure p…	CWE-79 Cross-site Scripting	CVE-2018-1999005	2024-11-21 12:57	2018-07-24	Show	GitHub Exploit DB Packet Storm

245502	4.3	MEDIUM Network	jenkins oracle	jenkins communications_cloud_native_core_automated_test_suite	A Improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in SlaveComputer.java that allows attackers with Overall/Read permission to initiate agent launches, an…	CWE-863 Incorrect Authorization	CVE-2018-1999004	2024-11-21 12:57	2018-07-24	Show	GitHub Exploit DB Packet Storm

245503	4.3	MEDIUM Network	jenkins oracle	jenkins communications_cloud_native_core_automated_test_suite	A Improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in Queue.java that allows attackers with Overall/Read permission to cancel queued builds.	CWE-863 Incorrect Authorization	CVE-2018-1999003	2024-11-21 12:57	2018-07-24	Show	GitHub Exploit DB Packet Storm

245504	7.5	HIGH Network	jenkins oracle	jenkins communications_cloud_native_core_automated_test_suite	A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP…	NVD-CWE-noinfo	CVE-2018-1999002	2024-11-21 12:57	2018-07-24	Show	GitHub Exploit DB Packet Storm

245505	8.8	HIGH Network	jenkins oracle	jenkins communications_cloud_native_core_automated_test_suite	A unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in User.java that allows attackers to provide crafted login credentials that cause …	NVD-CWE-noinfo	CVE-2018-1999001	2024-11-21 12:57	2018-07-24	Show	GitHub Exploit DB Packet Storm

245506	5.4	MEDIUM Network	mathjax	mathjax	MathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability in the \unicode{} macro that can result in Potentially untrusted Javascript running within a web browser. Th…	CWE-79 Cross-site Scripting	CVE-2018-1999024	2024-11-21 12:57	2018-07-24	Show	GitHub Exploit DB Packet Storm

245507	8.8	HIGH Network	wesnoth	the_battle_for_wesnoth	The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appe…	CWE-94 Code Injection	CVE-2018-1999023	2024-11-21 12:57	2018-07-24	Show	GitHub Exploit DB Packet Storm

245508	5.4	MEDIUM Network	gleeztech	gleezcms	Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) vulnerability in Profile page that can result in Inject arbitrary web script or HTML via the profile page editor. This attack ap…	CWE-79 Cross-site Scripting	CVE-2018-1999021	2024-11-21 12:57	2018-07-24	Show	GitHub Exploit DB Packet Storm

245509	5.5	MEDIUM Local	opennetworking	onos	Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier version contains a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java l…	CWE-22 Path Traversal	CVE-2018-1999020	2024-11-21 12:57	2018-07-24	Show	GitHub Exploit DB Packet Storm

245510	9.8	CRITICAL Network	chamilo	chamilo_lms	Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code e…	CWE-94 Code Injection	CVE-2018-1999019	2024-11-21 12:57	2018-07-24	Show	GitHub Exploit DB Packet Storm