Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254341 7.5 危険 osCommerce - osCommerce における複数のディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4543 2011-12-6 16:33 2011-12-5 Show GitHub Exploit DB Packet Storm
254342 7.5 危険 Zabbix - Zabbix の popup.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4674 2011-12-6 16:27 2011-11-24 Show GitHub Exploit DB Packet Storm
254343 7.5 危険 Automattic Inc. - WordPress 用 Jetpack プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4673 2011-12-6 16:26 2011-12-2 Show GitHub Exploit DB Packet Storm
254344 7.5 危険 Valid - Valid tiny-erp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4672 2011-12-6 16:25 2011-12-2 Show GitHub Exploit DB Packet Storm
254345 7.5 危険 AdRotate Plugin - WordPress 用 AdRotate プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4671 2011-12-6 16:24 2011-12-2 Show GitHub Exploit DB Packet Storm
254346 10 危険 Iron Mountain - Iron Mountain Connected Backup の Agent service における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2397 2011-12-6 16:22 2011-12-5 Show GitHub Exploit DB Packet Storm
254347 6.4 警告 Widelands - Widelands の io/filesystem/filesystem.cc におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-1932 2011-12-6 16:22 2011-12-5 Show GitHub Exploit DB Packet Storm
254348 4.3 警告 Etomite Project - Etomite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-4264 2011-12-6 12:01 2011-12-6 Show GitHub Exploit DB Packet Storm
254349 7.5 危険 jonkemp - WordPress 用 WordPress Users プラグインの wp-users.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-4669 2011-12-5 16:08 2011-12-2 Show GitHub Exploit DB Packet Storm
254350 7.5 危険 IBM - IBM Tivoli Netcool/Reporter における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4668 2011-12-5 16:07 2011-12-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246201 5.3 MEDIUM
Network 		php_file_browser_script_project php_file_browser_script HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter. CWE-22
Path Traversal 		CVE-2018-16549 2024-11-21 12:52 2018-09-6 Show GitHub Exploit DB Packet Storm
246202 6.5 MEDIUM
Network 		zziplib_project zziplib An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack. CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2018-16548 2024-11-21 12:52 2018-09-6 Show GitHub Exploit DB Packet Storm
246203 6.1 MEDIUM
Network 		e107 e107 e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list user_loginname parameter. CWE-79
Cross-site Scripting 		CVE-2018-16381 2024-11-21 12:52 2018-09-6 Show GitHub Exploit DB Packet Storm
246204 6.1 MEDIUM
Network 		btiteam xbtit An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter. CWE-79
Cross-site Scripting 		CVE-2018-16361 2024-11-21 12:52 2018-09-6 Show GitHub Exploit DB Packet Storm
246205 7.5 HIGH
Network 		mi xiaomi_miwifi_xiaomi_55dd_firmware An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL… CWE-200
Information Exposure 		CVE-2018-16307 2024-11-21 12:52 2018-09-6 Show GitHub Exploit DB Packet Storm
246206 3.3 LOW
Local 		fspro event_log_explorer FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection. CWE-611
XXE 		CVE-2018-16252 2024-11-21 12:52 2018-09-6 Show GitHub Exploit DB Packet Storm
246207 6.1 MEDIUM
Network 		opsview opsview The diagnosticsb2ksy parameter of the /rest endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting. CWE-79
Cross-site Scripting 		CVE-2018-16148 2024-11-21 12:52 2018-09-6 Show GitHub Exploit DB Packet Storm
246208 6.1 MEDIUM
Network 		opsview opsview The data parameter of the /settings/api/router endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting. CWE-79
Cross-site Scripting 		CVE-2018-16147 2024-11-21 12:52 2018-09-6 Show GitHub Exploit DB Packet Storm
246209 7.2 HIGH
Network 		opsview opsview The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurabl… CWE-78
OS Command  		CVE-2018-16146 2024-11-21 12:52 2018-09-6 Show GitHub Exploit DB Packet Storm
246210 8.1 HIGH
Network 		opsview opsview The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow att… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2018-16145 2024-11-21 12:52 2018-09-6 Show GitHub Exploit DB Packet Storm