Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253561	5.8	警告	The Tor Project	-	Tor における匿名化のためのプロパティを無効にされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2768	2011-12-27 10:54	2011-10-27	Show	GitHub Exploit DB Packet Storm

253562	7.5	危険	PmWiki	-	PmWiki の PageListSort 関数における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-4453	2011-12-27 10:46	2011-11-11	Show	GitHub Exploit DB Packet Storm

253563	-	-	The Support Incident Tracker Project	-	Support Incident Tracker に複数の脆弱性	-	CVE-2011-3831 CVE-2011-3833 CVE-2011-5067 CVE-2011-5068 CVE-2011-5069 CVE-2011-5070	2011-12-27 09:42	2011-12-5	Show	GitHub Exploit DB Packet Storm

253564	9.3	危険	Sielco Sistemi	-	Sielco Sistemi Winlog PRO および Winlog Lite におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-4037	2011-12-26 16:32	2011-12-22	Show	GitHub Exploit DB Packet Storm

253565	5	警告	Moodle	-	Moodle の calendar/set.php における CRLF インジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2011-4203	2011-12-26 16:32	2011-12-22	Show	GitHub Exploit DB Packet Storm

253566	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4634	2011-12-26 16:31	2011-12-1	Show	GitHub Exploit DB Packet Storm

253567	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin の libraries/display_export.lib.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4780	2011-12-26 16:30	2011-12-21	Show	GitHub Exploit DB Packet Storm

253568	4.3	警告	The phpMyAdmin Project	-	phpMyAdmin の libraries/config/ConfigFile.class.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4782	2011-12-26 16:29	2011-12-21	Show	GitHub Exploit DB Packet Storm

253569	6.5	警告	WordPress.org	-	WordPress において任意の PHP コードが実行可能な脆弱性	CWE-94 コード・インジェクション	-	2011-12-26 14:27	2011-12-26	Show	GitHub Exploit DB Packet Storm

253570	4.3	警告	WordPress.org	-	WordPress 日本語版におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2011-12-26 12:01	2011-12-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246271	6.1	MEDIUM Network	xiao5ucompany_project	xiao5ucompany	Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection mechanism in Safe.asp is insufficient (for example, it considers SCRIPT and IMG elements, but does not consider VIDEO elements).	CWE-79 Cross-site Scripting	CVE-2018-14527	2024-11-21 12:49	2018-07-23	Show	GitHub Exploit DB Packet Storm

246272	6.5	MEDIUM Network	gnu	libredwg	dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs.	CWE-415 Double Free	CVE-2018-14524	2024-11-21 12:49	2018-07-23	Show	GitHub Exploit DB Packet Storm

246273	8.8	HIGH Network	aubio opensuse suse	aubio leap linux_enterprise	An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.	CWE-125 Out-of-bounds Read	CVE-2018-14523	2024-11-21 12:49	2018-07-23	Show	GitHub Exploit DB Packet Storm

246274	8.8	HIGH Network	aubio opensuse suse	aubio leap linux_enterprise	An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-14522	2024-11-21 12:49	2018-07-23	Show	GitHub Exploit DB Packet Storm

246275	8.8	HIGH Network	aubio	aubio	An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-14521	2024-11-21 12:49	2018-07-23	Show	GitHub Exploit DB Packet Storm

246276	6.1	MEDIUM Network	seacms	seacms	SeaCMS 6.61 has two XSS issues in the admin_config.php file via certain form fields.	CWE-79 Cross-site Scripting	CVE-2018-14517	2024-11-21 12:49	2018-07-23	Show	GitHub Exploit DB Packet Storm

246277	9.8	CRITICAL Network	wuzhi_cms_project	wuzhi_cms	A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a malicious SQL statement via the index.php?m=promote&f=index&v=search keywords parameter.	CWE-89 SQL Injection	CVE-2018-14515	2024-11-21 12:49	2018-07-23	Show	GitHub Exploit DB Packet Storm

246278	9.8	CRITICAL Network	icmsdev	icms	An SSRF vulnerability was discovered in idreamsoft iCMS V7.0.9 that allows attackers to read sensitive files, access an intranet, or possibly have unspecified other impact.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2018-14514	2024-11-21 12:49	2018-07-23	Show	GitHub Exploit DB Packet Storm

246279	6.1	MEDIUM Network	wuzhi_cms_project	wuzhi_cms	An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the form[content] parameter to the index.php?m=…	CWE-79 Cross-site Scripting	CVE-2018-14513	2024-11-21 12:49	2018-07-23	Show	GitHub Exploit DB Packet Storm

246280	6.1	MEDIUM Network	wuzhicms	wuzhi_cms	An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the form[nickname] parameter to the index.php?m…	CWE-79 Cross-site Scripting	CVE-2018-14512	2024-11-21 12:49	2018-07-23	Show	GitHub Exploit DB Packet Storm