Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253311	9.3	危険	Novell	-	Novell iPrint Client の nipplib.dll におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-1700	2012-03-27 18:43	2011-06-6	Show	GitHub Exploit DB Packet Storm

253312	9.3	危険	Novell	-	Novell iPrint Client の nipplib.dll におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-1699	2012-03-27 18:43	2011-06-6	Show	GitHub Exploit DB Packet Storm

253313	4.3	警告	Best Practical Solutions	-	Best Practical Solutions RT における任意のサーバへ資格情報を送信させる脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-1690	2012-03-27 18:43	2011-04-14	Show	GitHub Exploit DB Packet Storm

253314	4.3	警告	Best Practical Solutions	-	Best Practical Solutions RT におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-1689	2012-03-27 18:43	2011-04-14	Show	GitHub Exploit DB Packet Storm

253315	4.3	警告	Best Practical Solutions	-	Best Practical Solutions RT におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-1688	2012-03-27 18:43	2011-04-14	Show	GitHub Exploit DB Packet Storm

253316	4	警告	Best Practical Solutions	-	Best Practical Solutions RT における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-1687	2012-03-27 18:43	2011-04-14	Show	GitHub Exploit DB Packet Storm

253317	6.5	警告	Best Practical Solutions	-	Best Practical Solutions RT における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-1686	2012-03-27 18:43	2011-04-14	Show	GitHub Exploit DB Packet Storm

253318	4.6	警告	Best Practical Solutions	-	Best Practical Solutions RT における任意のコードを実行される脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2011-1685	2012-03-27 18:43	2011-04-14	Show	GitHub Exploit DB Packet Storm

253319	6.8	警告	VideoLAN	-	VideoLAN VLC media player の MP4_ReadBox_skcr 関数におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-1684	2012-03-27 18:43	2011-04-7	Show	GitHub Exploit DB Packet Storm

253320	6.8	警告	IBM	-	IBM WAS におけるアプリケーションのアクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1683	2012-03-27 18:43	2011-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
245551	9.8	CRITICAL Network	open_faculty_evaluation_system_project	open_faculty_evaluation_system	Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18757.	CWE-89 SQL Injection	CVE-2018-18758	2024-11-21 12:56	2019-06-20	Show	GitHub Exploit DB Packet Storm

245552	9.8	CRITICAL Network	open_faculty_evaluation_system_project	open_faculty_evaluation_system	Open Faculty Evaluation System 5.6 for PHP 5.6 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18758.	CWE-89 SQL Injection	CVE-2018-18757	2024-11-21 12:56	2019-06-20	Show	GitHub Exploit DB Packet Storm

245553	5.3	MEDIUM Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. Full Path Disclosure (FPD) exists via api/v1/alarms. NOTE: the vendor says "is intentional.	CWE-200 Information Exposure	CVE-2018-18839	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245554	7.5	HIGH Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. Log Injection (or Log Forgery) exists via a %0a sequence in the url parameter to api/v1/registry.	CWE-116 Improper Encoding or Escaping of Output	CVE-2018-18838	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245555	6.1	MEDIUM Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c.	CWE-113 HTTP Response Splitting	CVE-2018-18837	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245556	6.5	MEDIUM Network	my-netdata	netdata	An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c.	CWE-94 Code Injection	CVE-2018-18836	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245557	8.8	HIGH Network	tubigan	welcome_to_our_resort	The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/mod_users/controller.php?action=edit.	CWE-352 Origin Validation Error	CVE-2018-18802	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245558	7.5	HIGH Network	columbiaweather	weather_microserver_firmware	In firmware version MS_2.6.9900 of Columbia Weather MicroServer, the BACnet daemon does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the …	CWE-20 Improper Input Validation	CVE-2018-18878	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245559	8.8	HIGH Network	columbiaweather	weather_microserver_firmware	In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alternative configuration page config_main.php that allows manipulation of the device.	CWE-287 Improper Authentication	CVE-2018-18877	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

245560	5.3	MEDIUM Network	columbiaweather	weather_microserver_firmware	In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a readouts_rd.php directory traversal issue makes it possible to read any file present on the underlying operating system.	CWE-22 Path Traversal	CVE-2018-18876	2024-11-21 12:56	2019-06-19	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed