Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253841 9.3 危険 Argonne National Laboratory - Bcfg2 のサーバにおける任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3211 2011-09-29 14:30 2011-09-16 Show GitHub Exploit DB Packet Storm
253842 9.3 危険 シーメンス - Siemens WinCC Runtime Advanced Loader におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3321 2011-09-29 14:27 2011-08-29 Show GitHub Exploit DB Packet Storm
253843 10 危険 Progea Srl - Progea Movicon / PowerHMI におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3498 2011-09-29 14:17 2011-09-16 Show GitHub Exploit DB Packet Storm
253844 5 警告 Cogent Real-Time Systems Inc. - Cogent DataHub の Web サーバにおける実行ファイルのソースコードを取得される脆弱性 CWE-200
情報漏えい 		CVE-2011-3502 2011-09-29 14:11 2011-09-16 Show GitHub Exploit DB Packet Storm
253845 9.3 危険 Interactive Data Corporation. - eSignal における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2011-3503 2011-09-29 14:05 2011-09-16 Show GitHub Exploit DB Packet Storm
253846 7.7 危険 DELL EMC (旧 EMC Corporation) - EMC Avamar におけるクライアントデータを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1740 2011-09-29 14:04 2011-09-19 Show GitHub Exploit DB Packet Storm
253847 9 危険 シスコシステムズ - Cisco Telepresence System Integrator C の cuil コンポーネントにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2543 2011-09-28 15:08 2011-09-23 Show GitHub Exploit DB Packet Storm
253848 7.5 危険 Sven Verdoolaege - CGI::Fast にて使用される FCGI における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2011-2766 2011-09-28 14:58 2011-09-23 Show GitHub Exploit DB Packet Storm
253849 2.1 注意 OpenFabrics Alliance - OpenFabrics エンタープライズディストリビューションにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2011-3345 2011-09-28 14:51 2010-12-21 Show GitHub Exploit DB Packet Storm
253850 5 警告 CAREL INDUSTRIES S.p.a. - Carel PlantVisor の CarelDataServer.exe におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-3487 2011-09-28 14:13 2011-09-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246711 8.8 HIGH
Network 		clippercms clippercms ClipperCMS 1.3.3 allows Session Fixation. CWE-384
 Session Fixation 		CVE-2018-11571 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
246712 6.1 MEDIUM
Network 		cactusthemes gameplan-event_and_gym_fitness Reflected XSS is possible in the GamePlan theme through 1.5.13.2 for WordPress because of insufficient input sanitization, as demonstrated by the s parameter. In some (but not all) cases, the '<' and… CWE-79
Cross-site Scripting 		CVE-2018-11568 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
246713 5.3 MEDIUM
Network 		mahara mahara Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to mentioning the usernames that are already taken by people registered in the system rather than masking … CWE-200
Information Exposure 		CVE-2018-11565 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
246714 9.8 CRITICAL
Network 		tp-link ipc_tl-ipc223\(p\)-6_firmware
tl-ipc323k-d_firmware
tl-ipc325\(kp\)_firmware
tl-ipc40a-4_firmware 		/usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices has a hardcoded zMiVw8Kw0oxKXL0 password. CWE-798
 Use of Hard-coded Credentials 		CVE-2018-11482 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
246715 8.8 HIGH
Network 		tp-link ipc_tl-ipc223\(p\)-6_firmware
tl-ipc323k-d_firmware
tl-ipc325\(kp\)_firmware
tl-ipc40a-4_firmware 		TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices allow authenticated remote code execution via crafted JSON data because /usr/lib/lua/luci/torchlight/validator.lua d… CWE-20
 Improper Input Validation  		CVE-2018-11481 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
246716 8.8 HIGH
Adjacent 		vgate icar_2_wi-fi_obd2_firmware An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be u… CWE-287
Improper Authentication 		CVE-2018-11478 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
246717 3.3 LOW
Local 		amazon echo_show_firmware
echo_plus_firmware
echo_dot_firmware
echo_spot_firmware
echo_firmware 		Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds… CWE-384
 Session Fixation 		CVE-2018-11567 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
246718 6.5 MEDIUM
Adjacent 		vgate icar_2_wi-fi_obd2_firmware An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this … CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2018-11477 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
246719 8.8 HIGH
Adjacent 		vgate icar_2_wi-fi_obd2_firmware An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the… CWE-306
Missing Authentication for Critical Function 		CVE-2018-11476 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm
246720 6.1 MEDIUM
Network 		misp misp An issue was discovered in MISP 2.4.91. A vulnerability in app/View/Elements/eventattribute.ctp allows reflected XSS if a user clicks on a malicious link for an event view and then clicks on the dele… CWE-79
Cross-site Scripting 		CVE-2018-11562 2024-11-21 12:43 2018-05-31 Show GitHub Exploit DB Packet Storm