Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254171	7.5	危険	BASE	-	Basic Analysis and Security Engine の base_ag_main.php における任意のコードを実行される脆弱性	CWE-287 不適切な認証	CVE-2012-1198	2012-02-21 16:45	2012-02-18	Show	GitHub Exploit DB Packet Storm

254172	6.8	警告	ACD Systems International	-	ACDSee の IDE_ACDStd.apl モジュールにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-1197	2012-02-21 16:44	2012-02-18	Show	GitHub Exploit DB Packet Storm

254173	5	警告	LANDesk	-	Lenovo ThinkManagement Console におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-1196	2012-02-21 16:44	2012-02-18	Show	GitHub Exploit DB Packet Storm

254174	7.5	危険	LANDesk	-	Lenovo ThinkManagement Console の ServerSetup web サービスにおける任意のコードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1195	2012-02-21 16:43	2012-02-18	Show	GitHub Exploit DB Packet Storm

254175	4.3	警告	Craig Barratt	-	BackupPC の RestoreFile.pm におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-5081	2012-02-21 16:42	2012-02-18	Show	GitHub Exploit DB Packet Storm

254176	4.3	警告	Craig Barratt	-	BackupPC の View.pm におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4923	2012-02-21 16:41	2012-02-18	Show	GitHub Exploit DB Packet Storm

254177	9.3	危険	TYPO3 Association	-	TYPO3 の workspaces system エクステンションにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2011-4614	2012-02-21 16:40	2011-12-16	Show	GitHub Exploit DB Packet Storm

254178	4.3	警告	Craig Barratt	-	BackupPC の CGI/Browse.pm におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3361	2012-02-21 16:34	2012-02-18	Show	GitHub Exploit DB Packet Storm

254179	7.5	危険	Earl Miles	-	Drupal 用 Views モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4113	2012-02-21 16:33	2012-02-17	Show	GitHub Exploit DB Packet Storm

254180	2.1	注意	Robert Ancell	-	LightDM における任意のファイルの所有権を変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-4105	2012-02-21 16:26	2012-02-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
246291	6.5	MEDIUM Adjacent	sony	r5c_firmware wd75_firmware wd65_firmware xe70_firmware xf70_firmware we75_firmware we6_firmware wf6_firmware	The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2018-16595	2024-11-21 12:53	2019-06-20	Show	GitHub Exploit DB Packet Storm

246292	8.1	HIGH Adjacent	sony	r5c_firmware wd75_firmware wd65_firmware xe70_firmware xf70_firmware we75_firmware we6_firmware wf6_firmware	The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Directory Traversal.	CWE-22 Path Traversal	CVE-2018-16594	2024-11-21 12:53	2019-06-20	Show	GitHub Exploit DB Packet Storm

246293	8.8	HIGH Adjacent	sony	r5c_firmware wd75_firmware wd65_firmware xe70_firmware xf70_firmware we75_firmware we6_firmware wf6_firmware	The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection.	CWE-78 OS Command	CVE-2018-16593	2024-11-21 12:53	2019-06-20	Show	GitHub Exploit DB Packet Storm

246294	9.8	CRITICAL Network	nagios	nagios_xi	An Insufficient Access Control vulnerability (leading to credential disclosure) in coreconfigsnapshot.php (aka configuration snapshot page) in Nagios XI before 5.5.4 allows remote attackers to gain a…	CWE-284 Improper Access Control	CVE-2018-17148	2024-11-21 12:53	2019-06-20	Show	GitHub Exploit DB Packet Storm

246295	5.4	MEDIUM Network	nagios	nagios_xi	A cross-site scripting vulnerability exists in Nagios XI before 5.5.4 via the 'name' parameter within the Account Information page. Exploitation of this vulnerability allows an attacker to execute ar…	CWE-79 Cross-site Scripting	CVE-2018-17146	2024-11-21 12:53	2019-06-20	Show	GitHub Exploit DB Packet Storm

246296	6.1	MEDIUM Network	zrlog	zrlog	An issue was discovered in ZRLOG 2.0.1. There is a Stored XSS vulnerability in the nickname field of the comment area.	CWE-79 Cross-site Scripting	CVE-2018-17079	2024-11-21 12:53	2019-06-20	Show	GitHub Exploit DB Packet Storm

246297	9.8	CRITICAL Network	vtech	storio_max_firmware	VTech Storio Max before 56.D3JM6 allows remote command execution via shell metacharacters in an Android activity name. It exposes the storeintenttranslate.x service on port 1668 listening for request…	CWE-78 OS Command	CVE-2018-16618	2024-11-21 12:53	2019-06-20	Show	GitHub Exploit DB Packet Storm

246298	9.8	CRITICAL Network	gvectors	wpforo_forum	An issue was discovered in the update function in the wpForo Forum plugin before 1.5.2 for WordPress. A registered forum is able to escalate privilege to the forum administrator without any form of u…	NVD-CWE-noinfo	CVE-2018-16613	2024-11-21 12:53	2019-06-20	Show	GitHub Exploit DB Packet Storm

246299	7.5	HIGH Network	fangfa	fdcms	admin/Lib/Action/FpluginAction.class.php in FDCMS (aka Fangfa Content Manage System) 4.2 allows SQL Injection.	CWE-89 SQL Injection	CVE-2018-17048	2024-11-21 12:53	2019-05-17	Show	GitHub Exploit DB Packet Storm

246300	7.5	HIGH Network	kyocera	taskalfa_4002i_firmware taskalfa_6002i_firmware	DoBox_CstmBox_Info.model.htm on Kyocera TASKalfa 4002i and 6002i devices allows remote attackers to read the documents of arbitrary users via a modified HTTP request.	CWE-200 Information Exposure	CVE-2018-16656	2024-11-21 12:53	2019-05-15	Show	GitHub Exploit DB Packet Storm