Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
253951 2.6 注意 Wireshark - Wireshark の proto_tree_add_item 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2011-3266 2012-03-27 18:43 2011-08-23 Show GitHub Exploit DB Packet Storm
253952 5 警告 Zabbix - Zabbix の popup.php における任意のデータベーステーブルのコンテンツを読まれる脆弱性 CWE-200
情報漏えい
CVE-2011-3265 2012-03-27 18:43 2011-05-25 Show GitHub Exploit DB Packet Storm
253953 2.1 注意 シトリックス・システムズ - Xen の tools/libxc/xc_dom_bzimageloader.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2011-3262 2012-03-27 18:43 2011-08-19 Show GitHub Exploit DB Packet Storm
253954 7.5 危険 CMU - Cyrus IMAP の nntpd の split_wildmats 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-3208 2012-03-27 18:43 2011-09-8 Show GitHub Exploit DB Packet Storm
253955 3.3 注意 geoff wong - Hammerhead の hammerhead.cc における任意のファイルに書き込まれる脆弱性 CWE-59
リンク解釈の問題
CVE-2011-3204 2012-03-27 18:43 2011-09-6 Show GitHub Exploit DB Packet Storm
253956 5 警告 Adiscon - rsyslog の parseLegacySyslogMsg 関数におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-3200 2012-03-27 18:43 2011-09-6 Show GitHub Exploit DB Packet Storm
253957 4.3 警告 Ruby on Rails project - Ruby on Rails の to_s メソッドにおける任意のテキストをログファイルに挿入される脆弱性 CWE-20
不適切な入力確認
CVE-2011-3187 2012-03-27 18:43 2011-08-29 Show GitHub Exploit DB Packet Storm
253958 4.3 警告 Ruby on Rails project - Ruby on Rails の actionpack/lib/action_controller/response.rb における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション
CVE-2011-3186 2012-03-27 18:43 2011-08-17 Show GitHub Exploit DB Packet Storm
253959 4.3 警告 The phpMyAdmin Project - phpMyAdmin のトラッキング機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-3181 2012-03-27 18:43 2011-08-24 Show GitHub Exploit DB Packet Storm
253960 5.1 警告 アップル - CUPS の gif_read_lzw 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-3170 2012-03-27 18:43 2011-08-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246051 6.1 MEDIUM
Network
modx modx_revolution MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs. CWE-79
Cross-site Scripting
CVE-2018-20756 2024-11-21 13:02 2019-02-7 Show GitHub Exploit DB Packet Storm
246052 6.1 MEDIUM
Network
modx modx_revolution MODX Revolution through v2.7.0-pl allows XSS via the User Photo field. CWE-79
Cross-site Scripting
CVE-2018-20755 2024-11-21 13:02 2019-02-7 Show GitHub Exploit DB Packet Storm
246053 9.8 CRITICAL
Network
kaseya virtual_system_administrator Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attacke… NVD-CWE-noinfo
CVE-2018-20753 2024-11-21 13:02 2019-02-5 Show GitHub Exploit DB Packet Storm
246054 9.8 CRITICAL
Network
recon-ng_project recon-ng An issue was discovered in Recon-ng before 4.9.5. Lack of validation in the modules/reporting/csv.py file allows CSV injection. More specifically, when a Twitter user possesses an Excel macro for a u… CWE-1236
 Improper Neutralization of Formula Elements in a CSV File
CVE-2018-20752 2024-11-21 13:02 2019-02-5 Show GitHub Exploit DB Packet Storm
246055 8.8 HIGH
Network
podofo_project podofo An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject(… CWE-476
 NULL Pointer Dereference
CVE-2018-20751 2024-11-21 13:02 2019-02-5 Show GitHub Exploit DB Packet Storm
246056 9.8 CRITICAL
Network
libvnc_project
canonical
debian
siemens
libvncserver
ubuntu_linux
debian_linux
simatic_itc1500_firmware
simatic_itc1500_pro_firmware
simatic_itc1900_firmware
simatic_itc1900_pro_firmware
simatic_itc2200_firmware
sim…
LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete. CWE-787
 Out-of-bounds Write
CVE-2018-20750 2024-11-21 13:02 2019-01-31 Show GitHub Exploit DB Packet Storm
246057 9.8 CRITICAL
Network
libvnc_project
canonical
debian
siemens
libvncserver
ubuntu_linux
debian_linux
simatic_itc1500_firmware
simatic_itc1500_pro_firmware
simatic_itc1900_firmware
simatic_itc1900_pro_firmware
simatic_itc2200_firmware
sim…
LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete. CWE-787
 Out-of-bounds Write
CVE-2018-20749 2024-11-21 13:02 2019-01-31 Show GitHub Exploit DB Packet Storm
246058 9.8 CRITICAL
Network
libvnc_project
debian
canonical
siemens
libvncserver
debian_linux
ubuntu_linux
simatic_itc1500_firmware
simatic_itc1500_pro_firmware
simatic_itc1900_firmware
simatic_itc1900_pro_firmware
simatic_itc2200_firmware
sim…
LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete. CWE-787
 Out-of-bounds Write
CVE-2018-20748 2024-11-21 13:02 2019-01-31 Show GitHub Exploit DB Packet Storm
246059 5.9 MEDIUM
Network
yiiframework yii Yii 2.x through 2.0.15.1 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconf… CWE-346
 Origin Validation Error
CVE-2018-20745 2024-11-21 13:02 2019-01-28 Show GitHub Exploit DB Packet Storm
246060 5.9 MEDIUM
Network
go_cors_project go_cors The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and c… CWE-346
 Origin Validation Error
CVE-2018-20744 2024-11-21 13:02 2019-01-28 Show GitHub Exploit DB Packet Storm