Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253441 - - (複数のベンダ) - UPnP 対応の複数のルータにアクセス制限不備の脆弱性 - - 2011-10-12 14:57 2011-10-6 Show GitHub Exploit DB Packet Storm
253442 10 危険 Iceni Technology - Iceni Argus にバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3332 2011-10-12 14:42 2011-10-6 Show GitHub Exploit DB Packet Storm
253443 7.5 危険 Likno Software Inc. - WordPress 用 Allwebmenus プラグイン内にある actions.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-3981 2011-10-11 10:23 2011-10-4 Show GitHub Exploit DB Packet Storm
253444 6 警告 Jerome Schneider - TYPO3 で利用される Drag Drop Mass Upload における任意のファイルをアップロードされる脆弱性 CWE-noinfo
情報不足 		CVE-2011-3980 2011-10-11 10:20 2011-07-9 Show GitHub Exploit DB Packet Storm
253445 4.3 警告 Zikula Foundation - Zikula Application Framework の Theme モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-3979 2011-10-11 10:18 2011-09-9 Show GitHub Exploit DB Packet Storm
253446 3.5 注意 LightNEasy - LightNEasy の LightNEasy.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-3978 2011-10-11 10:15 2011-10-4 Show GitHub Exploit DB Packet Storm
253447 7.2 危険 NoMachine - NoMachine NX Node および NX Server の nxconfigure.sh における任意のファイルを読まれる脆弱性 CWE-noinfo
情報不足 		CVE-2011-3977 2011-10-11 10:13 2011-08-5 Show GitHub Exploit DB Packet Storm
253448 5 警告 IceWarp, Inc. - IceWarp Mail Server の IceWarp WebMail における設定情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3580 2011-10-11 10:11 2011-09-30 Show GitHub Exploit DB Packet Storm
253449 6.4 警告 IceWarp, Inc. - IceWarp Mail Server の server/webmail.php における任意のファイルを読まれる脆弱性 CWE-399
リソース管理の問題 		CVE-2011-3579 2011-10-11 10:10 2011-09-30 Show GitHub Exploit DB Packet Storm
253450 7.5 危険 シマンテック - Symantec IM Manager の管理コンソールにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-0554 2011-10-11 10:10 2011-09-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
275251 8.8 HIGH
Network 		denkgroot spina Cross-site request forgery (CSRF) vulnerability in Spina before commit bfe44f289e336f80b6593032679300c493735e75. CWE-352
 Origin Validation Error 		CVE-2015-4619 2024-11-21 11:31 2017-09-8 Show GitHub Exploit DB Packet Storm
275252 7.2 HIGH
Network 		arubanetworks clearpass Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than … CWE-284
Improper Access Control 		CVE-2015-4649 2024-11-21 11:31 2017-08-30 Show GitHub Exploit DB Packet Storm
275253 6.1 MEDIUM
Network 		cloud4wi splash_portal Cross-site scripting (XSS) vulnerability in the Splash Portal in Cloud4Wi before 5.9.7 allows remote attackers to inject arbitrary web script or HTML via the recoveryMessage parameter to the default … CWE-79
Cross-site Scripting 		CVE-2015-4699 2024-11-21 11:31 2017-08-25 Show GitHub Exploit DB Packet Storm
275254 9.8 CRITICAL
Network 		kguardsecurity kg-sha104_firmware
kg-sha108_firmware 		Kguard Digital Video Recorder 104, 108, v2 does not have any authorization or authentication between an ActiveX client and the application server. CWE-287
Improper Authentication 		CVE-2015-4464 2024-11-21 11:31 2017-08-19 Show GitHub Exploit DB Packet Storm
275255 6.5 MEDIUM
Network 		efrontlearning efront The file_manager component in eFront CMS before 3.6.15.5 allows remote authenticated users to bypass intended file-upload restrictions by appending a crafted parameter to the file URL. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2015-4463 2024-11-21 11:31 2017-07-26 Show GitHub Exploit DB Packet Storm
275256 6.5 MEDIUM
Network 		efrontlearning efront Absolute path traversal vulnerability in the file_manager component of eFront CMS before 3.6.15.5 allows remote authenticated users to read arbitrary files via a full pathname in the "Upload file fro… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2015-4462 2024-11-21 11:31 2017-07-26 Show GitHub Exploit DB Packet Storm
275257 8.8 HIGH
Network 		koha koha Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, and 3.20.x before 3.20.1 allows remote attackers to inject arbitrary web sc… CWE-352
 Origin Validation Error 		CVE-2015-4639 2024-11-21 11:31 2017-07-21 Show GitHub Exploit DB Packet Storm
275258 7.8 HIGH
Local 		lenovo mouse_suite Lenovo Mouse Suite before 6.73 allows local users to run arbitrary code with administrator privileges. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2015-4596 2024-11-21 11:31 2017-06-14 Show GitHub Exploit DB Packet Storm
275259 7.5 HIGH
Network 		download_zip_attachments_project download_zip_attachments Directory traversal vulnerability in the Download Zip Attachments plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the File parameter to download.php. CWE-22
Path Traversal 		CVE-2015-4704 2024-11-21 11:31 2017-05-23 Show GitHub Exploit DB Packet Storm
275260 9.8 CRITICAL
Network 		aviary_image_editor_add-on_for_gravity_forms_project aviary_image_editor_add-on_for_gravity_forms Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by up… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2015-4455 2024-11-21 11:31 2017-05-23 Show GitHub Exploit DB Packet Storm