Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253751 4.3 警告 Alexander Palmo - Simple PHP Blog におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5029 2012-01-5 11:07 2011-12-29 Show GitHub Exploit DB Packet Storm
253752 4 警告 Novell - Novell Sentinel Log Manager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-5028 2012-01-5 10:49 2011-12-29 Show GitHub Exploit DB Packet Storm
253753 4.3 警告 Zabbix - Zabbix におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5027 2012-01-5 10:49 2011-08-4 Show GitHub Exploit DB Packet Storm
253754 4.3 警告 Zabbix - Zabbix における複数のクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4615 2012-01-5 10:48 2011-08-4 Show GitHub Exploit DB Packet Storm
253755 10 危険 ヒューレット・パッカード - HP Database Archiving Software における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-4165 2012-01-5 10:47 2011-12-22 Show GitHub Exploit DB Packet Storm
253756 10 危険 ヒューレット・パッカード - HP Database Archiving Software における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-4164 2012-01-5 10:46 2011-12-22 Show GitHub Exploit DB Packet Storm
253757 10 危険 ヒューレット・パッカード - HP Database Archiving Software における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2011-4163 2012-01-5 10:44 2011-12-22 Show GitHub Exploit DB Packet Storm
253758 4.3 警告 Yaws - Yaws の wiki アプリケーションにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5025 2012-01-5 10:21 2011-12-29 Show GitHub Exploit DB Packet Storm
253759 4.3 警告 GNU Project - Mailman 用の Mailman/htdig integration patch の mmsearch/design におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5024 2012-01-5 10:21 2011-12-29 Show GitHub Exploit DB Packet Storm
253760 4.3 警告 Pligg - Pligg CMS の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5023 2012-01-5 10:17 2011-12-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246381 5.4 MEDIUM
Network 		php_template_store_script_project php_template_store_script PHP Template Store Script 3.0.6 allows XSS via the Address line 1, Address Line 2, Bank name, or A/C Holder name field in a profile. CWE-79
Cross-site Scripting 		CVE-2018-14869 2024-11-21 12:49 2018-08-7 Show GitHub Exploit DB Packet Storm
246382 8.8 HIGH
Network 		ocsinventory-ng ocs_inventory_server Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access t… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2018-14857 2024-11-21 12:49 2018-08-7 Show GitHub Exploit DB Packet Storm
246383 7.5 HIGH
Network 		nystudio107 seomatic A Server Side Template Injection (SSTI) was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can… CWE-94
Code Injection 		CVE-2018-14716 2024-11-21 12:49 2018-08-7 Show GitHub Exploit DB Packet Storm
246384 8.8 HIGH
Network 		otrs
debian 		open_ticket_request_system
debian_linux 		An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their pr… NVD-CWE-noinfo
CVE-2018-14593 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246385 5.4 MEDIUM
Network 		readymadeb2bscript basic_b2b PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields. CWE-79
Cross-site Scripting 		CVE-2018-14541 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246386 5.4 MEDIUM
Network 		tendacn d152_firmware Tenda D152 ADSL routers allow XSS via a crafted SSID. CWE-79
Cross-site Scripting 		CVE-2018-14497 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246387 9.1 CRITICAL
Network 		ocsinventory-ng ocsinventory_ng OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploited by an attacker sending a crafted HTTP request in order to exfiltrate i… CWE-611
XXE 		CVE-2018-14473 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246388 9.8 CRITICAL
Network 		softnas cloud A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particular, the snserv script did not sanitize the 'recentVersion' parameter from the s… CWE-78
OS Command  		CVE-2018-14417 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246389 9.8 CRITICAL
Network 		tecrail responsive_filemanager upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter. CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2018-14728 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm
246390 7.5 HIGH
Network 		cryptogs cryptogs The endCoinFlip function and throwSlammer function of the smart contract implementations for Cryptogs, an Ethereum game, generate random numbers with an old block's hash. Therefore, attackers can pre… CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2018-14715 2024-11-21 12:49 2018-08-4 Show GitHub Exploit DB Packet Storm