Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254571 4.3 警告 マイクロソフト - Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1897 2011-10-21 15:30 2011-10-11 Show GitHub Exploit DB Packet Storm
254572 4.3 警告 マイクロソフト - Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-1896 2011-10-21 15:30 2011-10-11 Show GitHub Exploit DB Packet Storm
254573 9.3 危険 マイクロソフト - Microsoft Forefront UAG 2010 における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2011-1895 2011-10-21 15:28 2011-10-11 Show GitHub Exploit DB Packet Storm
254574 9.3 危険 マイクロソフト - Microsoft .NET Framework および Silverlight における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1253 2011-10-21 15:27 2011-10-11 Show GitHub Exploit DB Packet Storm
254575 7.2 危険 マイクロソフト - Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-2011 2011-10-21 15:26 2011-10-11 Show GitHub Exploit DB Packet Storm
254576 9.3 危険 マイクロソフト - Microsoft Windows の win32k.sys のバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-2003 2011-10-21 15:25 2011-10-11 Show GitHub Exploit DB Packet Storm
254577 4.7 警告 マイクロソフト - Microsoft Windows の win32k.sys におけるサービス運用妨害 (システムハング) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-2002 2011-10-21 15:25 2011-10-11 Show GitHub Exploit DB Packet Storm
254578 7.2 危険 マイクロソフト - Microsoft Windows の win32k.sys における権限昇格またはサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2011-1985 2011-10-21 15:24 2011-10-11 Show GitHub Exploit DB Packet Storm
254579 9.3 危険 マイクロソフト - Microsoft Windows Vista および Windows 7 の Windows Media Center における権限昇格の脆弱性 CWE-Other
その他 		CVE-2011-2009 2011-10-21 15:24 2011-10-11 Show GitHub Exploit DB Packet Storm
254580 9.3 危険 マイクロソフト - Microsoft Windows の Microsoft Active Accessibility コンポーネントにおける権限昇格の脆弱性 CWE-Other
その他 		CVE-2011-1247 2011-10-21 15:23 2011-10-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
246311 7.5 HIGH
Network 		python
canonical
debian
fedoraproject
opensuse
redhat 		python
ubuntu_linux
debian_linux
fedora
leap
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server 		Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML docu… CWE-909
 Missing Initialization of Resource 		CVE-2018-14647 2024-11-21 12:49 2018-09-25 Show GitHub Exploit DB Packet Storm
246312 7.0 HIGH
Network 		linux
debian
canonical
redhat 		linux_kernel
debian_linux
ubuntu_linux
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_tus
enterprise_linux_eus 		A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenti… - CVE-2018-14633 2024-11-21 12:49 2018-09-25 Show GitHub Exploit DB Packet Storm
246313 5.8 MEDIUM
Local 		honeywell cn80
ct40
ct60
eda50
eda50k
eda60k
eda70
ck75
cn51
cn75
cn75e
d75e
ct50
eda51 		On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40 running Android OS 7.1, CK75 running Android OS 6.0, CN75 running Android OS 6.0, CN75e running Android O… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2018-14825 2024-11-21 12:49 2018-09-25 Show GitHub Exploit DB Packet Storm
246314 7.5 HIGH
Network 		webpack.js webpack-dev-server An issue was discovered in lib/Server.js in webpack-dev-server before 3.1.6. Attackers are able to steal developer's code because the origin of requests is not checked by the WebSocket server, which … CWE-20
 Improper Input Validation  		CVE-2018-14732 2024-11-21 12:49 2018-09-22 Show GitHub Exploit DB Packet Storm
246315 7.5 HIGH
Network 		parceljs parcel An issue was discovered in HMRServer.js in Parcel parcel-bundler. Attackers are able to steal developer's code because the origin of requests is not checked by the WebSocket server, which is used for… CWE-200
Information Exposure 		CVE-2018-14731 2024-11-21 12:49 2018-09-22 Show GitHub Exploit DB Packet Storm
246316 7.5 HIGH
Network 		browserify-hot_module_replacement_project browserify-hot_module_replacement An issue was discovered in Browserify-HMR. Attackers are able to steal developer's code because the origin of requests is not checked by the WebSocket server, which is used for HMR (Hot Module Replac… CWE-200
Information Exposure 		CVE-2018-14730 2024-11-21 12:49 2018-09-22 Show GitHub Exploit DB Packet Storm
246317 6.1 MEDIUM
Network 		subsonic subsonic An issue was discovered in Subsonic 6.1.1. The music tags feature is affected by three stored cross-site scripting vulnerabilities in the c0-param2, c0-param3, and c0-param4 parameters to dwr/call/pl… CWE-79
Cross-site Scripting 		CVE-2018-14691 2024-11-21 12:49 2018-09-22 Show GitHub Exploit DB Packet Storm
246318 6.1 MEDIUM
Network 		subsonic subsonic An issue was discovered in Subsonic 6.1.1. The general settings are affected by two stored cross-site scripting vulnerabilities in the title and subtitle parameters to generalSettings.view that could… CWE-79
Cross-site Scripting 		CVE-2018-14690 2024-11-21 12:49 2018-09-22 Show GitHub Exploit DB Packet Storm
246319 6.1 MEDIUM
Network 		subsonic subsonic An issue was discovered in Subsonic 6.1.1. The transcoding settings are affected by five stored cross-site scripting vulnerabilities in the name[x], sourceformats[x], targetFormat[x], step1[x], and s… CWE-79
Cross-site Scripting 		CVE-2018-14689 2024-11-21 12:49 2018-09-22 Show GitHub Exploit DB Packet Storm
246320 6.1 MEDIUM
Network 		subsonic subsonic An issue was discovered in Subsonic 6.1.1. The radio settings are affected by three stored cross-site scripting vulnerabilities in the name[x], streamUrl[x], homepageUrl[x] parameters (where x is an … CWE-79
Cross-site Scripting 		CVE-2018-14688 2024-11-21 12:49 2018-09-22 Show GitHub Exploit DB Packet Storm